Download OpenAPI specification:Download
Tetrate Service Bridge API.
code | string OAuth2 Authorization Code. When present this indicates the user authorized the request. TSB will use this code to acquire a token from the OIDC token endpoint and complete the login flow. |
error | string OAuth2 Error Code. When present this indicates that either the authorization request has an error, the OIDC provider encountered an error or the user failed to log in. When set TSB will display information to the user indicating what went wrong. Standard error codes can be found found here. https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#AuthError |
state required | string The state parameter sent to the OIDC provider on the authorization request. |
errorDescription | string Optional error description sent by the OIDC provider when an error occurs. |
errorUri | string Optional error URI of a web page that includes additional information about the error. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
{- "applications": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workspace": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "gatewayGroup": "string",
- "services": [
- "string"
], - "configResources": [
- {
- "fqn": "string",
- "expectedEtag": "string",
- "exclusivelyOwned": true
}
]
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
required | object (v2Application) An Application represents a set of logical groupings of services that are related to each other and expose a set of APIs that implement a complete set of business logic. |
name required | string The short name for the resource to be created. |
{- "application": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workspace": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "gatewayGroup": "string",
- "services": [
- "string"
]
}, - "name": "string"
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workspace": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "gatewayGroup": "string",
- "services": [
- "string"
], - "configResources": [
- {
- "fqn": "string",
- "expectedEtag": "string",
- "exclusivelyOwned": true
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workspace": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "gatewayGroup": "string",
- "services": [
- "string"
], - "configResources": [
- {
- "fqn": "string",
- "expectedEtag": "string",
- "exclusivelyOwned": true
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
description | string (A description of the resource.
$hide_from_yaml) |
displayName | string (User friendly name for the resource.
$hide_from_yaml) |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
gatewayGroup | string Optional FQN of the Gateway Group to be used by the application.
If configured, this gateway group will be used by the application. If
no namespaces are configured and no existing gateway group is set, a new gateway group claiming all
namespaces in the workspace ( |
object (`NamespaceSelector` selects a set of namespaces across one or more
clusters in a tenant. Namespace selectors can be used at Workspace
level to carve out a chunk of resources under a tenant into an
isolated configuration domain. They can be used in a Traffic,
Security, or a Gateway group to further scope the set of namespaces
that will belong to a specific configuration group.
Names in namespaces selector must be in the form `cluster/namespace`
where:
- cluster must be a cluster name or an `*` to mean all clusters
- namespace must be a namespace name, an `*` to mean all namespaces
or a prefix like `ns-*` to mean all those namespaces starting
by `ns-`) | |
services | Array of strings Optional list of services that are part of the application. This is a list of FQNs of services in the service registry. If omitted, the application is assumed to own all the services in the workspace. Note that a service can only be part of one application. If any of the services in the list is already in use by an existing application, application creation/modification will fail. If the list of services is not explicitly set and any service in the workspace is already in use by by another application, application creation/modification will fail. |
workspace required | string FQN of the workspace this application is part of. The application will configure IngressGateways for the attached APIs in the different namespaces exposed by this workspace. |
{- "description": "string",
- "displayName": "string",
- "etag": "string",
- "gatewayGroup": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "services": [
- "string"
], - "workspace": "string"
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workspace": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "gatewayGroup": "string",
- "services": [
- "string"
], - "configResources": [
- {
- "fqn": "string",
- "expectedEtag": "string",
- "exclusivelyOwned": true
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
{- "apis": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "openapi": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "servers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- null
], - "to": [
- null
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- null
], - "to": [
- null
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": null,
- "headers": { }
}
], - "modify": {
- "rewrite": {
- "uri": null,
- "authority": null
}, - "headers": {
- "request": null,
- "response": null
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- null
], - "limit": {
- "requestsPerUnit": null,
- "unit": null
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- null
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "endpoints": [
- {
- "path": "string",
- "methods": [
- "string"
], - "hostnames": [
- "string"
], - "service": "string"
}
], - "configResources": [
- {
- "fqn": "string",
- "expectedEtag": "string",
- "exclusivelyOwned": true
}
]
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
required | object (v2API) An API configuring a set of servers and endpoints that expose the Application business logic. |
name required | string The short name for the resource to be created. |
{- "api": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "openapi": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}
}, - "name": "string"
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "openapi": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "servers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": {
- "exact": "string",
- "prefix": "string",
- "regex": "string"
}, - "headers": {
- "property1": {
- "exact": null,
- "prefix": null,
- "regex": null
}, - "property2": {
- "exact": null,
- "prefix": null,
- "regex": null
}
}
}
], - "modify": {
- "rewrite": {
- "uri": "string",
- "authority": "string"
}, - "headers": {
- "request": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}, - "response": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "endpoints": [
- {
- "path": "string",
- "methods": [
- "string"
], - "hostnames": [
- "string"
], - "service": "string"
}
], - "configResources": [
- {
- "fqn": "string",
- "expectedEtag": "string",
- "exclusivelyOwned": true
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "openapi": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "servers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": {
- "exact": "string",
- "prefix": "string",
- "regex": "string"
}, - "headers": {
- "property1": {
- "exact": null,
- "prefix": null,
- "regex": null
}, - "property2": {
- "exact": null,
- "prefix": null,
- "regex": null
}
}
}
], - "modify": {
- "rewrite": {
- "uri": "string",
- "authority": "string"
}, - "headers": {
- "request": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}, - "response": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "endpoints": [
- {
- "path": "string",
- "methods": [
- "string"
], - "hostnames": [
- "string"
], - "service": "string"
}
], - "configResources": [
- {
- "fqn": "string",
- "expectedEtag": "string",
- "exclusivelyOwned": true
}
]
}
organization required | string Organization name. |
{- "extensions": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "allowedIn": [
- "string"
], - "image": "string",
- "source": "string",
- "phase": "UNSPECIFIED_PHASE",
- "priority": 0,
- "config": { },
- "imagePullPolicy": "UNSPECIFIED_POLICY",
- "imagePullSecret": "string",
- "vmConfig": {
- "env": [
- {
- "name": "string",
- "valueFrom": "INLINE",
- "value": "string"
}
]
}
}
]
}
organization required | string Organization name. |
name required | string The short name for the resource to be created. |
required | object (v2WasmExtension) |
{- "name": "string",
- "wasmExtension": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "allowedIn": [
- "string"
], - "image": "string",
- "source": "string",
- "phase": "UNSPECIFIED_PHASE",
- "priority": 0,
- "config": { },
- "imagePullPolicy": "UNSPECIFIED_POLICY",
- "imagePullSecret": "string",
- "vmConfig": {
- "env": [
- {
- "name": "string",
- "valueFrom": "INLINE",
- "value": "string"
}
]
}
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "allowedIn": [
- "string"
], - "image": "string",
- "source": "string",
- "phase": "UNSPECIFIED_PHASE",
- "priority": 0,
- "config": { },
- "imagePullPolicy": "UNSPECIFIED_POLICY",
- "imagePullSecret": "string",
- "vmConfig": {
- "env": [
- {
- "name": "string",
- "valueFrom": "INLINE",
- "value": "string"
}
]
}
}
organization required | string Organization name. |
extension required | string Extension name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "allowedIn": [
- "string"
], - "image": "string",
- "source": "string",
- "phase": "UNSPECIFIED_PHASE",
- "priority": 0,
- "config": { },
- "imagePullPolicy": "UNSPECIFIED_POLICY",
- "imagePullSecret": "string",
- "vmConfig": {
- "env": [
- {
- "name": "string",
- "valueFrom": "INLINE",
- "value": "string"
}
]
}
}
organization required | string Organization name. |
extension required | string Extension name. |
allowedIn | Array of strings List of fqns where this extension is allowed to run. If it is empty, the extension can be used across the entire organization. Currently only Tenant resources are considered. |
config | object Configuration parameters sent to the WASM plugin execution The configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups. The config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin. |
description | string (A description of the extension.
$hide_from_yaml) |
displayName | string (User friendly name for the extension.
$hide_from_yaml) |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
image required | string Repository and tag of the OCI image containing the WASM extension. |
imagePullPolicy | string (WasmExtensionPullPolicy) Default: "UNSPECIFIED_POLICY" Enum: "UNSPECIFIED_POLICY" "IfNotPresent" "Always" The pull behaviour to be applied when fetching a WASM module, mirroring K8s behaviour.
|
imagePullSecret | string Credentials to use for OCI image pulling.
Name of a K8s Secret in the same namespace as the |
phase | string (Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase) Default: "UNSPECIFIED_PHASE" Enum: "UNSPECIFIED_PHASE" "AUTHN" "AUTHZ" "STATS"
|
priority | integer <int32> Determines the ordering of WasmExtensions in the same phase. When multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order. If no priority is assigned it will use the default 0 value. In case of several extensions having the same priority in the same phase, the fqn will be used to sort them. |
source | string (Source to find the code for the WASM extension) |
object (v2VmConfig) Configuration for a Wasm VM. more details can be found here. |
{- "allowedIn": [
- "string"
], - "config": { },
- "description": "string",
- "displayName": "string",
- "etag": "string",
- "image": "string",
- "imagePullPolicy": "UNSPECIFIED_POLICY",
- "imagePullSecret": "string",
- "phase": "UNSPECIFIED_PHASE",
- "priority": 0,
- "source": "string",
- "vmConfig": {
- "env": [
- {
- "name": "string",
- "valueFrom": "INLINE",
- "value": "string"
}
]
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "allowedIn": [
- "string"
], - "image": "string",
- "source": "string",
- "phase": "UNSPECIFIED_PHASE",
- "priority": 0,
- "config": { },
- "imagePullPolicy": "UNSPECIFIED_POLICY",
- "imagePullSecret": "string",
- "vmConfig": {
- "env": [
- {
- "name": "string",
- "valueFrom": "INLINE",
- "value": "string"
}
]
}
}
organization required | string Organization name. |
extension required | string Extension name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
{- "groups": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
]
}
Groups will by default configure all the namespaces owned by their workspace, unless explicitly configured. If a specific set of namespaces is set for the group, it must be a subset of the namespaces defined by its workspace.
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
required | object (v2Group) A gateway group manages the gateways in a group of namespaces owned by the parent workspace. |
name required | string The short name for the resource to be created. |
{- "group": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}, - "name": "string"
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
configMode | string (v2ConfigMode) Default: "BRIDGED" Enum: "BRIDGED" "DIRECT" The configuration mode used by a traffic, security or a gateway group.
|
description | string (A description of the resource.
$hide_from_yaml) |
displayName | string (User friendly name for the resource.
$hide_from_yaml) |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
required | object (`NamespaceSelector` selects a set of namespaces across one or more
clusters in a tenant. Namespace selectors can be used at Workspace
level to carve out a chunk of resources under a tenant into an
isolated configuration domain. They can be used in a Traffic,
Security, or a Gateway group to further scope the set of namespaces
that will belong to a specific configuration group.
Names in namespaces selector must be in the form `cluster/namespace`
where:
- cluster must be a cluster name or an `*` to mean all clusters
- namespace must be a namespace name, an `*` to mean all namespaces
or a prefix like `ns-*` to mean all those namespaces starting
by `ns-`) |
{- "configMode": "BRIDGED",
- "description": "string",
- "displayName": "string",
- "etag": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
{- "egressGateways": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "authorization": [
- {
- "from": {
- "mode": "UNSET",
- "serviceAccounts": [
- "string"
], - "http": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": null,
- "privateKey": null,
- "caCertificates": null
}, - "subjectAltNames": [
- null
]
}
}, - "local": {
- "rules": [
- {
- "name": null,
- "from": [ ],
- "to": [ ]
}
]
}
}, - "rules": {
- "allow": [
- {
- "from": {
- "fqn": null
}, - "to": {
- "fqn": null
}
}
], - "denyAll": true,
- "deny": [
- {
- "from": {
- "fqn": null
}, - "to": {
- "fqn": null
}
}
]
}
}, - "to": [
- "string"
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
]
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
required | object (v2EgressGateway)
--> |
name required | string The short name for the resource to be created. |
{- "egressGateway": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "authorization": [
- {
- "from": {
- "mode": "UNSET",
- "serviceAccounts": [
- "string"
], - "http": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- null
], - "to": [
- null
]
}
]
}
}, - "rules": {
- "allow": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
], - "denyAll": true,
- "deny": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
]
}
}, - "to": [
- "string"
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
]
}, - "name": "string"
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "authorization": [
- {
- "from": {
- "mode": "UNSET",
- "serviceAccounts": [
- "string"
], - "http": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}, - "rules": {
- "allow": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
], - "denyAll": true,
- "deny": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
]
}
}, - "to": [
- "string"
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "authorization": [
- {
- "from": {
- "mode": "UNSET",
- "serviceAccounts": [
- "string"
], - "http": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}, - "rules": {
- "allow": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
], - "denyAll": true,
- "deny": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
]
}
}, - "to": [
- "string"
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
Array of objects (EgressAuthorization is used to dictate which service accounts can access a set of external hosts) The description of which service accounts can access which hosts. If the list of authorization rules is empty, this egress gateway will deny all traffic. | |
description | string (A description of the resource.
$hide_from_yaml) |
displayName | string (User friendly name for the resource.
$hide_from_yaml) |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
Array of objects (v2WasmExtensionAttachment) Extensions specifies all the WasmExtensions assigned to this EgressGateway with the specific configuration for each extension. This custom configuration will override the one configured globally to the extension. Each extension has a global configuration including enablement and priority that will condition the execution of the assigned extensions. | |
required | object (v2WorkloadSelector)
|
{- "authorization": [
- {
- "from": {
- "mode": "UNSET",
- "serviceAccounts": [
- "string"
], - "http": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}, - "rules": {
- "allow": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
], - "denyAll": true,
- "deny": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
]
}
}, - "to": [
- "string"
]
}
], - "description": "string",
- "displayName": "string",
- "etag": "string",
- "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "authorization": [
- {
- "from": {
- "mode": "UNSET",
- "serviceAccounts": [
- "string"
], - "http": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}, - "rules": {
- "allow": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
], - "denyAll": true,
- "deny": [
- {
- "from": {
- "fqn": "string"
}, - "to": {
- "fqn": "string"
}
}
]
}
}, - "to": [
- "string"
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
{- "ingressGateways": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "http": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- null
], - "to": [
- null
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- null
], - "to": [
- null
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": null,
- "headers": { }
}
], - "modify": {
- "rewrite": {
- "uri": null,
- "authority": null
}, - "headers": {
- "request": null,
- "response": null
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- null
], - "limit": {
- "requestsPerUnit": null,
- "unit": null
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- null
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "tlsPassthrough": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "route": {
- "host": "string",
- "port": 0
}
}
], - "tcp": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "route": {
- "host": "string",
- "port": 0
}
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
required | object (v2IngressGateway)
|
name required | string The short name for the resource to be created. |
{- "ingressGateway": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "http": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": {
- "exact": null,
- "prefix": null,
- "regex": null
}, - "headers": {
- "property1": null,
- "property2": null
}
}
], - "modify": {
- "rewrite": {
- "uri": "string",
- "authority": "string"
}, - "headers": {
- "request": {
- "set": { },
- "add": { },
- "remove": [ ]
}, - "response": {
- "set": { },
- "add": { },
- "remove": [ ]
}
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": null,
- "header": null
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": null,
- "destinationCluster": null,
- "remoteAddress": null,
- "requestHeaders": null,
- "headerValueMatch": null
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "tlsPassthrough": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "route": {
- "host": "string",
- "port": 0
}
}
], - "tcp": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "route": {
- "host": "string",
- "port": 0
}
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}, - "name": "string"
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "http": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": {
- "exact": "string",
- "prefix": "string",
- "regex": "string"
}, - "headers": {
- "property1": {
- "exact": null,
- "prefix": null,
- "regex": null
}, - "property2": {
- "exact": null,
- "prefix": null,
- "regex": null
}
}
}
], - "modify": {
- "rewrite": {
- "uri": "string",
- "authority": "string"
}, - "headers": {
- "request": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}, - "response": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "tlsPassthrough": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "route": {
- "host": "string",
- "port": 0
}
}
], - "tcp": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "route": {
- "host": "string",
- "port": 0
}
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "http": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": {
- "exact": "string",
- "prefix": "string",
- "regex": "string"
}, - "headers": {
- "property1": {
- "exact": null,
- "prefix": null,
- "regex": null
}, - "property2": {
- "exact": null,
- "prefix": null,
- "regex": null
}
}
}
], - "modify": {
- "rewrite": {
- "uri": "string",
- "authority": "string"
}, - "headers": {
- "request": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}, - "response": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "tlsPassthrough": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "route": {
- "host": "string",
- "port": 0
}
}
], - "tcp": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "route": {
- "host": "string",
- "port": 0
}
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
description | string (A description of the resource.
$hide_from_yaml) |
displayName | string (User friendly name for the resource.
$hide_from_yaml) |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
Array of objects (v2WasmExtensionAttachment) Extensions specifies all the WasmExtensions assigned to this IngressGateway with the specific configuration for each extension. This custom configuration will override the one configured globally to the extension. Each extension has a global configuration including enablement and priority that will condition the execution of the assigned extensions. | |
Array of objects (v2HttpServer) One or more HTTP or HTTPS servers exposed by the gateway. The server exposes configuration for TLS termination, request authentication/authorization, HTTP routing, etc. | |
Array of objects (One or more non-HTTP and non-passthrough servers which use TCP
based protocols. This server also exposes configuration for terminating TLS) | |
Array of objects (v2TLSPassthroughServer) One or more TLS servers exposed by the gateway. The server does not terminate TLS and exposes config for SNI based routing. | |
object (WAFSettings configure WAF based on seclang
See https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives) | |
required | object (v2WorkloadSelector)
|
{- "description": "string",
- "displayName": "string",
- "etag": "string",
- "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "http": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": {
- "exact": "string",
- "prefix": "string",
- "regex": "string"
}, - "headers": {
- "property1": {
- "exact": null,
- "prefix": null,
- "regex": null
}, - "property2": {
- "exact": null,
- "prefix": null,
- "regex": null
}
}
}
], - "modify": {
- "rewrite": {
- "uri": "string",
- "authority": "string"
}, - "headers": {
- "request": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}, - "response": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "tcp": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "route": {
- "host": "string",
- "port": 0
}
}
], - "tlsPassthrough": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "route": {
- "host": "string",
- "port": 0
}
}
], - "waf": {
- "rules": [
- "string"
]
}, - "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "http": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "xxxOldAuthentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "xxxOldAuthorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
]
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "routing": {
- "corsPolicy": {
- "allowOrigin": [
- "string"
], - "allowMethods": [
- "string"
], - "allowHeaders": [
- "string"
], - "exposeHeaders": [
- "string"
], - "maxAge": "string",
- "allowCredentials": true
}, - "rules": [
- {
- "match": [
- {
- "uri": {
- "exact": "string",
- "prefix": "string",
- "regex": "string"
}, - "headers": {
- "property1": {
- "exact": null,
- "prefix": null,
- "regex": null
}, - "property2": {
- "exact": null,
- "prefix": null,
- "regex": null
}
}
}
], - "modify": {
- "rewrite": {
- "uri": "string",
- "authority": "string"
}, - "headers": {
- "request": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}, - "response": {
- "set": {
- "property1": null,
- "property2": null
}, - "add": {
- "property1": null,
- "property2": null
}, - "remove": [
- null
]
}
}
}, - "route": {
- "host": "string",
- "port": 0
}, - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}
}
]
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "tlsPassthrough": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "route": {
- "host": "string",
- "port": 0
}
}
], - "tcp": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "route": {
- "host": "string",
- "port": 0
}
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
{- "tier1Gateways": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "externalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- null
], - "to": [
- null
]
}
]
}
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- null
], - "limit": {
- "requestsPerUnit": null,
- "unit": null
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- null
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "internalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- null
], - "to": [
- null
]
}
]
}
}
}
], - "passthroughServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "tcpExternalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}
}
], - "tcpInternalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
name required | string The short name for the resource to be created. |
required | object (v2Tier1Gateway)
|
{- "name": "string",
- "tier1Gateway": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "externalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": null,
- "header": null
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": null,
- "destinationCluster": null,
- "remoteAddress": null,
- "requestHeaders": null,
- "headerValueMatch": null
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "internalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": null
}
], - "to": [
- {
- "paths": [ ],
- "methods": [ ]
}
]
}
]
}
}
}
], - "passthroughServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "tcpExternalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}
}
], - "tcpInternalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "externalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "internalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}
}
], - "passthroughServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "tcpExternalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}
}
], - "tcpInternalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "externalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "internalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}
}
], - "passthroughServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "tcpExternalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}
}
], - "tcpInternalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
description | string (A description of the resource.
$hide_from_yaml) |
displayName | string (User friendly name for the resource.
$hide_from_yaml) |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
Array of objects (v2WasmExtensionAttachment) Extensions specifies all the WasmExtensions assigned to this Tier1Gateway with the specific configuration for each extension. This custom configuration will override the one configured globally to the extension. Each extension has a global configuration including enablement and priority that will condition the execution of the assigned extensions. | |
Array of objects (v2Tier1ExternalServer) One or more servers exposed by the gateway externally. | |
Array of objects (v2Tier1InternalServer) One or more servers exposed by the gateway internally for cross cluster forwarding. | |
Array of objects (v2Tier1PassthroughServer) One or more tls passthrough servers exposed by the gateway externally. | |
Array of objects (v2Tier1TCPExternalServer) One or more tcp servers exposed by the gateway externally. | |
Array of objects (v2Tier1TCPInternalServer) One or more tcp servers exposed by the gateway for mesh internal traffic. | |
object (WAFSettings configure WAF based on seclang
See https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives) | |
required | object (v2WorkloadSelector)
|
{- "description": "string",
- "displayName": "string",
- "etag": "string",
- "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "externalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "internalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}
}
], - "passthroughServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "tcpExternalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}
}
], - "tcpInternalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "waf": {
- "rules": [
- "string"
]
}, - "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "workloadSelector": {
- "namespace": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}
}, - "externalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}, - "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "redirect": {
- "uri": "string",
- "authority": "string",
- "redirectCode": 0,
- "port": 0,
- "scheme": "string"
}, - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}, - "rateLimiting": {
- "settings": {
- "rules": [
- {
- "dimensions": [
- {
- "remoteAddress": {
- "value": null
}, - "header": {
- "name": null,
- "value": null,
- "dontMatch": null
}
}
], - "limit": {
- "requestsPerUnit": 0,
- "unit": "UNKNOWN"
}
}
], - "failClosed": true,
- "timeout": "string"
}, - "externalService": {
- "domain": "string",
- "failClosed": true,
- "rateLimitServerUri": "string",
- "rules": [
- {
- "dimensions": [
- {
- "sourceCluster": { },
- "destinationCluster": { },
- "remoteAddress": { },
- "requestHeaders": {
- "headerName": null,
- "descriptorKey": null
}, - "headerValueMatch": {
- "headers": { },
- "descriptorValue": null,
- "dontMatch": null
}
}
]
}
], - "timeout": "string",
- "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}
}
}
], - "internalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "authentication": {
- "jwt": {
- "issuer": "string",
- "audiences": [
- "string"
], - "jwksUri": "string",
- "jwks": "string"
}
}, - "authorization": {
- "external": {
- "uri": "string",
- "includeRequestHeaders": [
- "string"
], - "tls": {
- "mode": "DISABLED",
- "files": {
- "clientCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}, - "subjectAltNames": [
- "string"
]
}
}, - "local": {
- "rules": [
- {
- "name": "string",
- "from": [
- {
- "jwt": {
- "iss": null,
- "sub": null,
- "other": { }
}
}
], - "to": [
- {
- "paths": [
- null
], - "methods": [
- null
]
}
]
}
]
}
}
}
], - "passthroughServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "tcpExternalServers": [
- {
- "name": "string",
- "port": 0,
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
], - "tls": {
- "mode": "DISABLED",
- "secretName": "string",
- "files": {
- "serverCertificate": "string",
- "privateKey": "string",
- "caCertificates": "string"
}
}
}
], - "tcpInternalServers": [
- {
- "name": "string",
- "hostname": "string",
- "clusters": [
- {
- "name": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "network": "string",
- "weight": 0
}
]
}
], - "extension": [
- {
- "fqn": "string",
- "config": { }
}
], - "waf": {
- "rules": [
- "string"
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
{- "groups": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
]
}
Groups will by default configure all the namespaces owned by their workspace, unless explicitly configured. If a specific set of namespaces is set for the group, it must be a subset of the namespaces defined by its workspace.
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
required | object (v2Group) A gateway group manages the gateways in a group of namespaces owned by the parent workspace. |
name required | string The short name for the resource to be created. |
{- "group": {
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}, - "name": "string"
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
description | string (A description of the resource.
$hide_from_yaml) |
displayName | string (User friendly name for the resource.
$hide_from_yaml) |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
required | object (`NamespaceSelector` selects a set of namespaces across one or more
clusters in a tenant. Namespace selectors can be used at Workspace
level to carve out a chunk of resources under a tenant into an
isolated configuration domain. They can be used in a Traffic,
Security, or a Gateway group to further scope the set of namespaces
that will belong to a specific configuration group.
Names in namespaces selector must be in the form `cluster/namespace`
where:
- cluster must be a cluster name or an `*` to mean all clusters
- namespace must be a namespace name, an `*` to mean all namespaces
or a prefix like `ns-*` to mean all those namespaces starting
by `ns-`) |
{- "description": "string",
- "displayName": "string",
- "etag": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}
}
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "namespaceSelector": {
- "names": [
- "string"
]
}, - "configMode": "BRIDGED"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
cluster required | string Cluster name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
extension required | string Extension name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
extension required | string Extension name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
service required | string Service name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
service required | string Service name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
setting required | string Setting name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
setting required | string Setting name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
team required | string Team name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
team required | string Team name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
setting required | string Setting name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
setting required | string Setting name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
serviceroute required | string Serviceroute name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
serviceroute required | string Serviceroute name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
setting required | string Setting name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
setting required | string Setting name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
user required | string User name. |
source required | string Source name. |
{- "metrics": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
]
}
organization required | string Organization name. |
user required | string User name. |
source required | string Source name. |
metric required | string Metric name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "observedResource": "string",
- "measure": {
- "name": "string",
- "unit": "string"
}, - "type": {
- "name": "INVALID_METRIC_TYPE",
- "labels": [
- {
- "key": "string",
- "value": "string"
}
]
}, - "origin": "INVALID_METRIC_ORIGIN",
- "detectionPoint": "INVALID_METRIC_DETECTION_POINT"
}
organization required | string Organization name. |
cluster required | string Cluster name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
cluster required | string Cluster name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
extension required | string Extension name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
extension required | string Extension name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
service required | string Service name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
service required | string Service name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
setting required | string Setting name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
setting required | string Setting name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
team required | string Team name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
team required | string Team name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
setting required | string Setting name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
setting required | string Setting name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
serviceroute required | string Serviceroute name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
serviceroute required | string Serviceroute name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
setting required | string Setting name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
setting required | string Setting name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
trafficgroup required | string Trafficgroup name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
user required | string User name. |
scopeTypes | Array of strings Items Enum: "INVALID" "SERVICE" "INGRESS" "RELATION" The scope type that a telemetry source needs to match. Telemetry sources that matches any requested scope type will be returned.
|
belongTos | Array of strings Which resources the telemetry sources must belong to. Telemetry sources that belongs to any requested resource will be returned. |
existed.since | string <date-time> Moment in time since we retrieve Telemetry Sources. |
existed.until | string <date-time> Moment in time until we retrieve Telemetry Sources. |
{- "sources": [
- {
- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
]
}
organization required | string Organization name. |
user required | string User name. |
source required | string Source name. |
{- "fqn": "string",
- "displayName": "string",
- "etag": "string",
- "description": "string",
- "belongsTo": "string",
- "metricSourceKey": "string",
- "type": "INVALID",
- "scope": {
- "serviceScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "instance": "string",
- "subset": "string",
- "service": "string",
- "namespace": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "ingressScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "hostname": "string",
- "ingressService": "string",
- "cluster": "string"
}, - "deployment": "string"
}
]
}, - "relationScopes": {
- "scopes": [
- {
- "type": "INVALID",
- "scope": {
- "serviceRelation": {
- "source": "string",
- "target": "string"
}
}
}
]
}
}
}
organization required | string Organization name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
{ }
organization required | string Organization name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
cluster required | string Cluster name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
cluster required | string Cluster name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
cluster required | string Cluster name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
extension required | string Extension name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
extension required | string Extension name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
extension required | string Extension name. |
{ }
organization required | string Organization name. |
extension required | string Extension name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
extension required | string Extension name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
extension required | string Extension name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
extension required | string Extension name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
extension required | string Extension name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
extension required | string Extension name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
{ }
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
serviceaccount required | string Serviceaccount name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
service required | string Service name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
service required | string Service name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
service required | string Service name. |
{ }
organization required | string Organization name. |
service required | string Service name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
service required | string Service name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
service required | string Service name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
service required | string Service name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
service required | string Service name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
service required | string Service name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
setting required | string Setting name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
setting required | string Setting name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
setting required | string Setting name. |
{ }
organization required | string Organization name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
setting required | string Setting name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
setting required | string Setting name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
setting required | string Setting name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
team required | string Team name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
team required | string Team name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
team required | string Team name. |
{ }
organization required | string Organization name. |
team required | string Team name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
team required | string Team name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
team required | string Team name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
team required | string Team name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
team required | string Team name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
team required | string Team name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
api required | string Api name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
application required | string Application name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
setting required | string Setting name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
egressgateway required | string Egressgateway name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
ingressgateway required | string Ingressgateway name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
gatewaygroup required | string Gatewaygroup name. |
tier1gateway required | string Tier1gateway name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
istiointernalgroup required | string Istiointernalgroup name. |
setting required | string Setting name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
{- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
Array of objects (v2Access) Approved is a list of subjects that are approved to access the resource. | |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
object (v2Metadata) Metadata includes additional information about an ApprovalPolicy or Access entity and their respective resources that they apply to. | |
mode required | string (ApprovalPolicyMode) Default: "UNRESTRICTED" Enum: "UNRESTRICTED" "ALLOW_REQUESTED" "REQUIRE_APPROVAL"
|
Array of objects (v2Access) Requested is a list of subjects that are requested to access the resource but that have not yet been explicitly approved. The access mode of the policy will determine if the subjects in this list are given immediate access to the resource. |
{- "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "etag": "string",
- "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}, - "mode": "UNRESTRICTED",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
subject required | string Subject for which the access request is made. |
{- "subject": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
includeDetails | boolean IncludeDetails indicates whether to include the details of the resources that are part of the policy. When set to true, the name and description of the resource are included in the response. |
includePermissions | boolean IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy. When set to true, the user level permissions are included in the response. |
types required | Array of strings Type is the type of the resources to query for policies. |
{- "includeDetails": true,
- "includePermissions": true,
- "types": [
- "string"
]
}
{- "policies": [
- {
- "etag": "string",
- "mode": "UNRESTRICTED",
- "resource": "string",
- "requested": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "approved": [
- {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": null,
- "kinds": [ ]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}
]
}
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Subject: "organizations/demo/tenants/demo/applications/caller", Permissions: []string{"GET"} } |
etag | string (The etag for the resource. This field is automatically computed and must be sent
on every update to the resource to prevent concurrent modifications.
$hide_from_yaml) |
{- "access": {
- "subject": "string",
- "permissions": [
- "string"
], - "metadata": {
- "details": {
- "name": "string",
- "description": "string"
}, - "rules": [
- {
- "types": [
- {
- "apiGroup": "string",
- "kinds": [
- "string"
]
}
], - "permissions": [
- "INVALID"
]
}
]
}
}, - "etag": "string"
}
{ }
organization required | string Organization name. |
tenant required | string Tenant name. |
workspace required | string Workspace name. |
securitygroup required | string Securitygroup name. |
setting required | string Setting name. |
required | object (v2Access) Access is an access request for a subject with a set of permission. Example: Access { Sub |