Tetrate Service Bridge API (1.5.x)

Download OpenAPI specification:Download

URL: https://www.tetrate.io/tetrate-service-bridge/

Tetrate Service Bridge API.

OAuth

OIDC

Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.

query Parameters

code	string OAuth2 Authorization Code. When present this indicates the user authorized the request. TSB will use this code to acquire a token from the OIDC token endpoint and complete the login flow.
error	string OAuth2 Error Code. When present this indicates that either the authorization request has an error, the OIDC provider encountered an error or the user failed to log in. When set TSB will display information to the user indicating what went wrong. Standard error codes can be found found here. https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#AuthError
state required	string The state parameter sent to the OIDC provider on the authorization request.
errorDescription	string Optional error description sent by the OIDC provider when an error occurs.
errorUri	string Optional error URI of a web page that includes additional information about the error.

Responses

Response samples

200
default

Content type

application/json

{ }

Login endpoint to start an OIDC Authentication flow.

query Parameters

redirectUri

string

URl where the user will be redirected when the authentication flow completes.

Responses

Response samples

200
default

Content type

application/json

{ }

Applications

List all existing applications for the given tenant.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.

Responses

Response samples

200
default

Content type

application/json

{"applications": [{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workspace": "string",
"namespaceSelector": {"names": ["string"
]
},
"gatewayGroup": "string",
"services": ["string"
],
"configResources": [{"fqn": "string",
"expectedEtag": "string",
"exclusivelyOwned": true
}
]
}
]
}

Creates a new Application in TSB.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.

Request Body schema: application/json

required	object (v2Application) An Application represents a set of logical groupings of services that are related to each other and expose a set of APIs that implement a complete set of business logic.
name required	string The short name for the resource to be created.

Responses

Request samples

Payload

Content type

application/json

{"application": {"displayName": "string",
"etag": "string",
"description": "string",
"workspace": "string",
"namespaceSelector": {"names": ["string"
]
},
"gatewayGroup": "string",
"services": ["string"
]
},
"name": "string"
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workspace": "string",
"namespaceSelector": {"names": ["string"
]
},
"gatewayGroup": "string",
"services": ["string"
],
"configResources": [{"fqn": "string",
"expectedEtag": "string",
"exclusivelyOwned": true
}
]
}

Get the details of an existing application.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
application required	string Application name.

Responses

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workspace": "string",
"namespaceSelector": {"names": ["string"
]
},
"gatewayGroup": "string",
"services": ["string"
],
"configResources": [{"fqn": "string",
"expectedEtag": "string",
"exclusivelyOwned": true
}
]
}

Modify an existing application.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
application required	string Application name.

Request Body schema: application/json

description	string (A description of the resource. $hide_from_yaml)
displayName	string (User friendly name for the resource. $hide_from_yaml)
etag	string (The etag for the resource. This field is automatically computed and must be sent on every update to the resource to prevent concurrent modifications. $hide_from_yaml)
gatewayGroup	string Optional FQN of the Gateway Group to be used by the application. If configured, this gateway group will be used by the application. If no namespaces are configured and no existing gateway group is set, a new gateway group claiming all namespaces in the workspace (`/`) will be created by default. All Ingress Gateway resources created for the APIs attached to the application will be created in the application's gateway group.
	object (`NamespaceSelector` selects a set of namespaces across one or more clusters in a tenant. Namespace selectors can be used at Workspace level to carve out a chunk of resources under a tenant into an isolated configuration domain. They can be used in a Traffic, Security, or a Gateway group to further scope the set of namespaces that will belong to a specific configuration group. Names in namespaces selector must be in the form `cluster/namespace` where: - cluster must be a cluster name or an `` to mean all clusters - namespace must be a namespace name, an `` to mean all namespaces or a prefix like `ns-*` to mean all those namespaces starting by `ns-`)
services	Array of strings Optional list of services that are part of the application. This is a list of FQNs of services in the service registry. If omitted, the application is assumed to own all the services in the workspace. Note that a service can only be part of one application. If any of the services in the list is already in use by an existing application, application creation/modification will fail. If the list of services is not explicitly set and any service in the workspace is already in use by by another application, application creation/modification will fail.
workspace required	string FQN of the workspace this application is part of. The application will configure IngressGateways for the attached APIs in the different namespaces exposed by this workspace.

Responses

Request samples

Payload

Content type

application/json

{"description": "string",
"displayName": "string",
"etag": "string",
"gatewayGroup": "string",
"namespaceSelector": {"names": ["string"
]
},
"services": ["string"
],
"workspace": "string"
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workspace": "string",
"namespaceSelector": {"names": ["string"
]
},
"gatewayGroup": "string",
"services": ["string"
],
"configResources": [{"fqn": "string",
"expectedEtag": "string",
"exclusivelyOwned": true
}
]
}

Delete an existing Application. Note that deleting resources in TSB is a recursive operation. Deleting a application will delete all API objects that exist in it.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
application required	string Application name.

Responses

Response samples

200
default

Content type

application/json

{ }

List all APIs attached to the given application.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
application required	string Application name.

Responses

Response samples

200
default

Content type

application/json

{"apis": [{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"openapi": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"servers": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [null
],
"to": [null
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [null
],
"to": [null
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": null,
"headers": { }
}
],
"modify": {"rewrite": {"uri": null,
"authority": null
},
"headers": {"request": null,
"response": null
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [null
],
"limit": {"requestsPerUnit": null,
"unit": null
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [null
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"endpoints": [{"path": "string",
"methods": ["string"
],
"hostnames": ["string"
],
"service": "string"
}
],
"configResources": [{"fqn": "string",
"expectedEtag": "string",
"exclusivelyOwned": true
}
]
}
]
}

Attach a new API to the given application.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
application required	string Application name.

Request Body schema: application/json

required	object (v2API) An API configuring a set of servers and endpoints that expose the Application business logic.
name required	string The short name for the resource to be created.

Responses

Request samples

Payload

Content type

application/json

{"api": {"displayName": "string",
"etag": "string",
"description": "string",
"openapi": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
}
},
"name": "string"
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"openapi": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"servers": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": {"exact": "string",
"prefix": "string",
"regex": "string"
},
"headers": {"property1": {"exact": null,
"prefix": null,
"regex": null
},
"property2": {"exact": null,
"prefix": null,
"regex": null
}
}
}
],
"modify": {"rewrite": {"uri": "string",
"authority": "string"
},
"headers": {"request": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
},
"response": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
}
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [{"remoteAddress": {"value": null
},
"header": {"name": null,
"value": null
}
}
],
"limit": {"requestsPerUnit": 0,
"unit": "UNKNOWN"
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [{"sourceCluster": { },
"destinationCluster": { },
"remoteAddress": { },
"requestHeaders": {"headerName": null,
"descriptorKey": null
},
"headerValueMatch": {"headers": { },
"descriptorValue": null
}
}
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"endpoints": [{"path": "string",
"methods": ["string"
],
"hostnames": ["string"
],
"service": "string"
}
],
"configResources": [{"fqn": "string",
"expectedEtag": "string",
"exclusivelyOwned": true
}
]
}

Get the details of an API.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
application required	string Application name.
api required	string Api name.

Responses

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"openapi": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"servers": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": {"exact": "string",
"prefix": "string",
"regex": "string"
},
"headers": {"property1": {"exact": null,
"prefix": null,
"regex": null
},
"property2": {"exact": null,
"prefix": null,
"regex": null
}
}
}
],
"modify": {"rewrite": {"uri": "string",
"authority": "string"
},
"headers": {"request": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
},
"response": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
}
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [{"remoteAddress": {"value": null
},
"header": {"name": null,
"value": null
}
}
],
"limit": {"requestsPerUnit": 0,
"unit": "UNKNOWN"
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [{"sourceCluster": { },
"destinationCluster": { },
"remoteAddress": { },
"requestHeaders": {"headerName": null,
"descriptorKey": null
},
"headerValueMatch": {"headers": { },
"descriptorValue": null
}
}
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"endpoints": [{"path": "string",
"methods": ["string"
],
"hostnames": ["string"
],
"service": "string"
}
],
"configResources": [{"fqn": "string",
"expectedEtag": "string",
"exclusivelyOwned": true
}
]
}

Delete an existing API.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
application required	string Application name.
api required	string Api name.

Responses

Response samples

200
default

Content type

application/json

{ }

Gateway

List all gateway groups that exist in the workspace.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.

Responses

Response samples

200
default

Content type

application/json

{"groups": [{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"namespaceSelector": {"names": ["string"
]
},
"configMode": "BRIDGED"
}
]
}

Create a new gateway group in the given workspace.

Groups will by default configure all the namespaces owned by their workspace, unless explicitly configured. If a specific set of namespaces is set for the group, it must be a subset of the namespaces defined by its workspace.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.

Request Body schema: application/json

required	object (v2Group) A gateway group manages the gateways in a group of namespaces owned by the parent workspace.
name required	string The short name for the resource to be created.

Responses

Request samples

Payload

Content type

application/json

{"group": {"displayName": "string",
"etag": "string",
"description": "string",
"namespaceSelector": {"names": ["string"
]
},
"configMode": "BRIDGED"
},
"name": "string"
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"namespaceSelector": {"names": ["string"
]
},
"configMode": "BRIDGED"
}

Get the details of the given gateway group.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Responses

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"namespaceSelector": {"names": ["string"
]
},
"configMode": "BRIDGED"
}

update the given gateway group.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Request Body schema: application/json

configMode	string (v2ConfigMode) Default: "BRIDGED" Enum: "BRIDGED" "DIRECT" The configuration mode used by a traffic, security or a gateway group. BRIDGED: Indicates that the configurations to be added to the group will use macro APIs that automatically generate Istio APIs under the hood. DIRECT: Indicates that the configurations to be added to the group will directly use Istio APIs.
description	string (A description of the resource. $hide_from_yaml)
displayName	string (User friendly name for the resource. $hide_from_yaml)
etag	string (The etag for the resource. This field is automatically computed and must be sent on every update to the resource to prevent concurrent modifications. $hide_from_yaml)
required	object (`NamespaceSelector` selects a set of namespaces across one or more clusters in a tenant. Namespace selectors can be used at Workspace level to carve out a chunk of resources under a tenant into an isolated configuration domain. They can be used in a Traffic, Security, or a Gateway group to further scope the set of namespaces that will belong to a specific configuration group. Names in namespaces selector must be in the form `cluster/namespace` where: - cluster must be a cluster name or an `` to mean all clusters - namespace must be a namespace name, an `` to mean all namespaces or a prefix like `ns-*` to mean all those namespaces starting by `ns-`)

Responses

Request samples

Payload

Content type

application/json

{"configMode": "BRIDGED",
"description": "string",
"displayName": "string",
"etag": "string",
"namespaceSelector": {"names": ["string"
]
}
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"namespaceSelector": {"names": ["string"
]
},
"configMode": "BRIDGED"
}

Delete the given gateway group. Note that deleting resources in TSB is a recursive operation. Deleting a gateway group will delete all configuration objects that exist in it.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Responses

Response samples

200
default

Content type

application/json

{ }

List all Egress Gateway objects in the gateway group.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Responses

Response samples

200
default

Content type

application/json

{"egressGateways": [{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"authorization": [{"from": {"mode": "UNSET",
"serviceAccounts": ["string"
],
"http": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": null,
"privateKey": null,
"caCertificates": null
},
"subjectAltNames": [null
]
}
},
"local": {"rules": [{"name": null,
"from": [ ],
"to": [ ]
}
]
}
},
"rules": {"allow": [{"from": {"fqn": null
},
"to": {"fqn": null
}
}
],
"denyAll": true,
"deny": [{"from": {"fqn": null
},
"to": {"fqn": null
}
}
]
}
},
"to": ["string"
]
}
]
}
]
}

Create an Egress Gateway object in the gateway group.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Request Body schema: application/json

required	object (v2EgressGateway) `EgressGateway` configures a workload to act as an egress gateway in the mesh.
name required	string The short name for the resource to be created.

Responses

Request samples

Payload

Content type

application/json

{"egressGateway": {"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"authorization": [{"from": {"mode": "UNSET",
"serviceAccounts": ["string"
],
"http": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [null
],
"to": [null
]
}
]
}
},
"rules": {"allow": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
],
"denyAll": true,
"deny": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
]
}
},
"to": ["string"
]
}
]
},
"name": "string"
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"authorization": [{"from": {"mode": "UNSET",
"serviceAccounts": ["string"
],
"http": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": null
}
],
"to": [{"paths": [ ],
"methods": [ ]
}
]
}
]
}
},
"rules": {"allow": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
],
"denyAll": true,
"deny": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
]
}
},
"to": ["string"
]
}
]
}

Get the details of the given Egress Gateway object.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.
egressgateway required	string Egressgateway name.

Responses

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"authorization": [{"from": {"mode": "UNSET",
"serviceAccounts": ["string"
],
"http": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": null
}
],
"to": [{"paths": [ ],
"methods": [ ]
}
]
}
]
}
},
"rules": {"allow": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
],
"denyAll": true,
"deny": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
]
}
},
"to": ["string"
]
}
]
}

Modify the given Egress Gateway object.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.
egressgateway required	string Egressgateway name.

Request Body schema: application/json

	Array of objects (EgressAuthorization is used to dictate which service accounts can access a set of external hosts) The description of which service accounts can access which hosts. If the list of authorization rules is empty, this egress gateway will deny all traffic.
description	string (A description of the resource. $hide_from_yaml)
displayName	string (User friendly name for the resource. $hide_from_yaml)
etag	string (The etag for the resource. This field is automatically computed and must be sent on every update to the resource to prevent concurrent modifications. $hide_from_yaml)
required	object (v2WorkloadSelector) `WorkloadSelector` selects one or more workloads in a namespace. `WorkloadSelector` can be used in TrafficSetting, SecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the configuration to a specific set of workloads.

Responses

Request samples

Payload

Content type

application/json

{"authorization": [{"from": {"mode": "UNSET",
"serviceAccounts": ["string"
],
"http": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": null
}
],
"to": [{"paths": [ ],
"methods": [ ]
}
]
}
]
}
},
"rules": {"allow": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
],
"denyAll": true,
"deny": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
]
}
},
"to": ["string"
]
}
],
"description": "string",
"displayName": "string",
"etag": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
}
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"authorization": [{"from": {"mode": "UNSET",
"serviceAccounts": ["string"
],
"http": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": null
}
],
"to": [{"paths": [ ],
"methods": [ ]
}
]
}
]
}
},
"rules": {"allow": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
],
"denyAll": true,
"deny": [{"from": {"fqn": "string"
},
"to": {"fqn": "string"
}
}
]
}
},
"to": ["string"
]
}
]
}

Delete the given Egress Gateway object.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.
egressgateway required	string Egressgateway name.

Responses

Response samples

200
default

Content type

application/json

{ }

List all Ingress Gateway objects in the gateway group.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Responses

Response samples

200
default

Content type

application/json

{"ingressGateways": [{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"http": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [null
],
"to": [null
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [null
],
"to": [null
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": null,
"headers": { }
}
],
"modify": {"rewrite": {"uri": null,
"authority": null
},
"headers": {"request": null,
"response": null
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [null
],
"limit": {"requestsPerUnit": null,
"unit": null
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [null
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"tlsPassthrough": [{"name": "string",
"port": 0,
"hostname": "string",
"route": {"host": "string",
"port": 0
}
}
],
"tcp": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"route": {"host": "string",
"port": 0
}
}
]
}
]
}

Create an Ingress Gateway object in the gateway group.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Request Body schema: application/json

required	object (v2IngressGateway) `IngressGateway` configures a workload to act as an ingress gateway into the mesh.
name required	string The short name for the resource to be created.

Responses

Request samples

Payload

Content type

application/json

{"ingressGateway": {"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"http": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": null
}
],
"to": [{"paths": [ ],
"methods": [ ]
}
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": null
}
],
"to": [{"paths": [ ],
"methods": [ ]
}
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": {"exact": null,
"prefix": null,
"regex": null
},
"headers": {"property1": null,
"property2": null
}
}
],
"modify": {"rewrite": {"uri": "string",
"authority": "string"
},
"headers": {"request": {"set": { },
"add": { },
"remove": [ ]
},
"response": {"set": { },
"add": { },
"remove": [ ]
}
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [{"remoteAddress": null,
"header": null
}
],
"limit": {"requestsPerUnit": 0,
"unit": "UNKNOWN"
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [{"sourceCluster": null,
"destinationCluster": null,
"remoteAddress": null,
"requestHeaders": null,
"headerValueMatch": null
}
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"tlsPassthrough": [{"name": "string",
"port": 0,
"hostname": "string",
"route": {"host": "string",
"port": 0
}
}
],
"tcp": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"route": {"host": "string",
"port": 0
}
}
]
},
"name": "string"
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"http": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": {"exact": "string",
"prefix": "string",
"regex": "string"
},
"headers": {"property1": {"exact": null,
"prefix": null,
"regex": null
},
"property2": {"exact": null,
"prefix": null,
"regex": null
}
}
}
],
"modify": {"rewrite": {"uri": "string",
"authority": "string"
},
"headers": {"request": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
},
"response": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
}
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [{"remoteAddress": {"value": null
},
"header": {"name": null,
"value": null
}
}
],
"limit": {"requestsPerUnit": 0,
"unit": "UNKNOWN"
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [{"sourceCluster": { },
"destinationCluster": { },
"remoteAddress": { },
"requestHeaders": {"headerName": null,
"descriptorKey": null
},
"headerValueMatch": {"headers": { },
"descriptorValue": null
}
}
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"tlsPassthrough": [{"name": "string",
"port": 0,
"hostname": "string",
"route": {"host": "string",
"port": 0
}
}
],
"tcp": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"route": {"host": "string",
"port": 0
}
}
]
}

Get the details of the given Ingress Gateway object.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.
ingressgateway required	string Ingressgateway name.

Responses

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"http": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": {"exact": "string",
"prefix": "string",
"regex": "string"
},
"headers": {"property1": {"exact": null,
"prefix": null,
"regex": null
},
"property2": {"exact": null,
"prefix": null,
"regex": null
}
}
}
],
"modify": {"rewrite": {"uri": "string",
"authority": "string"
},
"headers": {"request": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
},
"response": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
}
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [{"remoteAddress": {"value": null
},
"header": {"name": null,
"value": null
}
}
],
"limit": {"requestsPerUnit": 0,
"unit": "UNKNOWN"
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [{"sourceCluster": { },
"destinationCluster": { },
"remoteAddress": { },
"requestHeaders": {"headerName": null,
"descriptorKey": null
},
"headerValueMatch": {"headers": { },
"descriptorValue": null
}
}
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"tlsPassthrough": [{"name": "string",
"port": 0,
"hostname": "string",
"route": {"host": "string",
"port": 0
}
}
],
"tcp": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"route": {"host": "string",
"port": 0
}
}
]
}

Modify the given Ingress Gateway object.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.
ingressgateway required	string Ingressgateway name.

Request Body schema: application/json

description	string (A description of the resource. $hide_from_yaml)
displayName	string (User friendly name for the resource. $hide_from_yaml)
etag	string (The etag for the resource. This field is automatically computed and must be sent on every update to the resource to prevent concurrent modifications. $hide_from_yaml)
	Array of objects (v2HttpServer) One or more HTTP or HTTPS servers exposed by the gateway. The server exposes configuration for TLS termination, request authentication/authorization, HTTP routing, etc.
	Array of objects (One or more non-HTTP and non-passthrough servers which use TCP based protocols. This server also exposes configuration for terminating TLS)
	Array of objects (v2TLSPassthroughServer) One or more TLS servers exposed by the gateway. The server does not terminate TLS and exposes config for SNI based routing.
required	object (v2WorkloadSelector) `WorkloadSelector` selects one or more workloads in a namespace. `WorkloadSelector` can be used in TrafficSetting, SecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the configuration to a specific set of workloads.

Responses

Request samples

Payload

Content type

application/json

{"description": "string",
"displayName": "string",
"etag": "string",
"http": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": {"exact": "string",
"prefix": "string",
"regex": "string"
},
"headers": {"property1": {"exact": null,
"prefix": null,
"regex": null
},
"property2": {"exact": null,
"prefix": null,
"regex": null
}
}
}
],
"modify": {"rewrite": {"uri": "string",
"authority": "string"
},
"headers": {"request": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
},
"response": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
}
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [{"remoteAddress": {"value": null
},
"header": {"name": null,
"value": null
}
}
],
"limit": {"requestsPerUnit": 0,
"unit": "UNKNOWN"
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [{"sourceCluster": { },
"destinationCluster": { },
"remoteAddress": { },
"requestHeaders": {"headerName": null,
"descriptorKey": null
},
"headerValueMatch": {"headers": { },
"descriptorValue": null
}
}
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"tcp": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"route": {"host": "string",
"port": 0
}
}
],
"tlsPassthrough": [{"name": "string",
"port": 0,
"hostname": "string",
"route": {"host": "string",
"port": 0
}
}
],
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
}
}

Response samples

200
default

Content type

application/json

{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"http": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"xxxOldAuthentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"xxxOldAuthorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
]
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
},
"local": {"rules": [{"name": "string",
"from": [{"jwt": {"iss": null,
"sub": null,
"other": { }
}
}
],
"to": [{"paths": [null
],
"methods": [null
]
}
]
}
]
}
},
"routing": {"corsPolicy": {"allowOrigin": ["string"
],
"allowMethods": ["string"
],
"allowHeaders": ["string"
],
"exposeHeaders": ["string"
],
"maxAge": "string",
"allowCredentials": true
},
"rules": [{"match": [{"uri": {"exact": "string",
"prefix": "string",
"regex": "string"
},
"headers": {"property1": {"exact": null,
"prefix": null,
"regex": null
},
"property2": {"exact": null,
"prefix": null,
"regex": null
}
}
}
],
"modify": {"rewrite": {"uri": "string",
"authority": "string"
},
"headers": {"request": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
},
"response": {"set": {"property1": null,
"property2": null
},
"add": {"property1": null,
"property2": null
},
"remove": [null
]
}
}
},
"route": {"host": "string",
"port": 0
},
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
}
}
]
},
"rateLimiting": {"settings": {"rules": [{"dimensions": [{"remoteAddress": {"value": null
},
"header": {"name": null,
"value": null
}
}
],
"limit": {"requestsPerUnit": 0,
"unit": "UNKNOWN"
}
}
],
"failClosed": true,
"timeout": "string"
},
"externalService": {"domain": "string",
"failClosed": true,
"rateLimitServerUri": "string",
"rules": [{"dimensions": [{"sourceCluster": { },
"destinationCluster": { },
"remoteAddress": { },
"requestHeaders": {"headerName": null,
"descriptorKey": null
},
"headerValueMatch": {"headers": { },
"descriptorValue": null
}
}
]
}
],
"timeout": "string",
"tls": {"mode": "DISABLED",
"files": {"clientCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
},
"subjectAltNames": ["string"
]
}
}
}
}
],
"tlsPassthrough": [{"name": "string",
"port": 0,
"hostname": "string",
"route": {"host": "string",
"port": 0
}
}
],
"tcp": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"route": {"host": "string",
"port": 0
}
}
]
}

Delete the given Ingress Gateway object.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.
ingressgateway required	string Ingressgateway name.

Responses

Response samples

200
default

Content type

application/json

{ }

List all Tier1 Gateway objects that have been created in the gateway group.

path Parameters

organization required	string Organization name.
tenant required	string Tenant name.
workspace required	string Workspace name.
gatewaygroup required	string Gatewaygroup name.

Responses

Response samples

200
default

Content type

application/json

{"tier1Gateways": [{"fqn": "string",
"displayName": "string",
"etag": "string",
"description": "string",
"workloadSelector": {"namespace": "string",
"labels": {"property1": "string",
"property2": "string"
}
},
"externalServers": [{"name": "string",
"port": 0,
"hostname": "string",
"tls": {"mode": "DISABLED",
"secretName": "string",
"files": {"serverCertificate": "string",
"privateKey": "string",
"caCertificates": "string"
}
},
"clusters": [{"name": "string",
"labels": {"property1": "string",
"property2": "string"
},
"network": "string",
"weight": 0
}
],
"redirect": {"uri": "string",
"authority": "string",
"redirectCode": 0,
"port": 0,
"scheme": "string"
},
"authentication": {"jwt": {"issuer": "string",
"audiences": ["string"
],
"jwksUri": "string",
"jwks": "string"
}
},
"authorization": {"external": {"uri": "string",
"includeRequestHeaders": ["string"
],
"tls": {"mode": "DISABLED",