npm - @robinmordasiewicz/f5xc-terraform-mcp - Versions diffs - 2.3.0 → 2.4.3 - Mend

@robinmordasiewicz/f5xc-terraform-mcp 2.3.0 → 2.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (572) hide show

package/dist/docs/specifications/api/docs-cloud-f5-com.0201.public.ves.io.schema.secret_management_access.ves-swagger.json ADDED Viewed

@@ -0,0 +1 @@

+ {"openapi":"3.0.0","info":{"title":"F5 Distributed Cloud Services API for ves.io.schema.secret_management_access","description":"secret_management_access object is used to define configuration on how to connect to a secret management backend.\nIf secret backend is not F5XC Secret Management System, this objects needs to be configured to tell volterra security sidecar how to\nconnect to the secret management service.\n\nsecret_management_access contains the remote endpoint to connect to, tls_configuration\nand additional authorization information if required. Sensitive information within this\nobject (e.g. private_key, vault-token, etc.) needs to be of SecretType and must be either -\na) encrypted using blindfold method with appropriate policy such that relevant volterra services are able to\ndecrypt it, or\nb) Secret of type ClearSecretInfo.","version":""},"paths":{"/api/config/namespaces/{metadata.namespace}/secret_management_accesss":{"post":{"summary":"Create Secret Management Access","description":"Create secret_management_access creates a new object in storage backend for metadata.namespace.","operationId":"ves.io.schema.secret_management_access.API.Create","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_management_accessCreateResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"metadata.namespace","description":"namespace\n\nx-example: \"staging\"\nThis defines the workspace within which each the configuration object is to be created.\nMust be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_management_accessCreateRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_management_access-api-create"},"x-ves-proto-rpc":"ves.io.schema.secret_management_access.API.Create"},"x-displayname":"Secret Management Access","x-ves-proto-service":"ves.io.schema.secret_management_access.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"},"/api/config/namespaces/{metadata.namespace}/secret_management_accesss/{metadata.name}":{"put":{"summary":"Replace Secret Management Access","description":"Replace secret_management_access replaces an existing object in storage backend for metadata.namespace.","operationId":"ves.io.schema.secret_management_access.API.Replace","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_management_accessReplaceResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"metadata.namespace","description":"namespace\n\nx-example: \"staging\"\nThis defines the workspace within which each the configuration object is to be created.\nMust be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"metadata.name","description":"name\n\nx-example: \"acmecorp-web\"\nThe configuration object to be replaced will be looked up by name","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_management_accessReplaceRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_management_access-api-replace"},"x-ves-proto-rpc":"ves.io.schema.secret_management_access.API.Replace"},"x-displayname":"Secret Management Access","x-ves-proto-service":"ves.io.schema.secret_management_access.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"},"/api/config/namespaces/{namespace}/secret_management_accesss":{"get":{"summary":"List Secret Management Access","description":"List the set of secret_management_access in a namespace","operationId":"ves.io.schema.secret_management_access.API.List","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_management_accessListResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"ns1\"\nNamespace to scope the listing of secret_management_access","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"label_filter","description":"x-example: \"env in (staging, testing), tier in (web, db)\"\nA LabelSelectorType expression that every item in list response will satisfy","in":"query","required":false,"x-displayname":"Label Filter","schema":{"type":"string"}},{"name":"report_fields","description":"x-example: \"\"\nExtra fields to return along with summary fields","in":"query","required":false,"x-displayname":"Report Fields","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"name":"report_status_fields","description":"x-example: \"\"\nExtra status fields to return along with summary fields","in":"query","required":false,"x-displayname":"Report Status Fields","explode":true,"schema":{"type":"array","items":{"type":"string"}}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_management_access-api-list"},"x-ves-proto-rpc":"ves.io.schema.secret_management_access.API.List"},"x-displayname":"Secret Management Access","x-ves-proto-service":"ves.io.schema.secret_management_access.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"},"/api/config/namespaces/{namespace}/secret_management_accesss/{name}":{"get":{"summary":"Get Secret Management Access","description":"Get secret_management_access reads a given object from storage backend for metadata.namespace.","operationId":"ves.io.schema.secret_management_access.API.Get","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_management_accessGetResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"ns1\"\nThe namespace in which the configuration object is present","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"name\n\nx-example: \"name\"\nThe name of the configuration object to be fetched","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}},{"name":"response_format","description":"The format in which the configuration object is to be fetched. This could be for example\n - in GetSpec form for the contents of object\n - in CreateRequest form to create a new similar object\n - to ReplaceRequest form to replace changeable values\n\nDefault format of returned resource\nResponse should be in CreateRequest format\nResponse should be in ReplaceRequest format\nResponse should be in StatusObject(s) format\nResponse should be in format of GetSpecType\nResponse should have other objects referring to this object\nResponse should have deleted and disabled objects referrred by this object","in":"query","required":false,"x-displayname":"Broken Referred Objects","schema":{"type":"string","enum":["GET_RSP_FORMAT_DEFAULT","GET_RSP_FORMAT_FOR_CREATE","GET_RSP_FORMAT_FOR_REPLACE","GET_RSP_FORMAT_STATUS","GET_RSP_FORMAT_READ","GET_RSP_FORMAT_REFERRING_OBJECTS","GET_RSP_FORMAT_BROKEN_REFERENCES"],"default":"GET_RSP_FORMAT_DEFAULT"}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_management_access-api-get"},"x-ves-proto-rpc":"ves.io.schema.secret_management_access.API.Get"},"delete":{"summary":"Delete Secret Management Access","description":"Delete the specified secret_management_access","operationId":"ves.io.schema.secret_management_access.API.Delete","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"ns1\"\nNamespace in which the configuration object is present","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"name\n\nx-example: \"name\"\nName of the configuration object","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_management_accessDeleteRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_management_access-api-delete"},"x-ves-proto-rpc":"ves.io.schema.secret_management_access.API.Delete"},"x-displayname":"Secret Management Access","x-ves-proto-service":"ves.io.schema.secret_management_access.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"}},"x-displayname":"Secret Management Access","x-ves-proto-package":"ves.io.schema.secret_management_access","components":{"schemas":{"ioschemaEmpty":{"type":"object","description":"This can be used for messages where no values are needed","title":"Empty","x-displayname":"Empty","x-ves-proto-message":"ves.io.schema.Empty"},"protobufAny":{"type":"object","description":"`Any` contains an arbitrary serialized protocol buffer message along with a\nURL that describes the type of the serialized message.\n\nProtobuf library provides support to pack/unpack Any values in the form\nof utility functions or additional generated methods of the Any type.\n\nExample 1: Pack and unpack a message in C++.\n\n Foo foo = ...;\n Any any;\n any.PackFrom(foo);\n ...\n if (any.UnpackTo(&foo)) {\n ...\n }\n\nExample 2: Pack and unpack a message in Java.\n\n Foo foo = ...;\n Any any = Any.pack(foo);\n ...\n if (any.is(Foo.class)) {\n foo = any.unpack(Foo.class);\n }\n\n Example 3: Pack and unpack a message in Python.\n\n foo = Foo(...)\n any = Any()\n any.Pack(foo)\n ...\n if any.Is(Foo.DESCRIPTOR):\n any.Unpack(foo)\n ...\n\n Example 4: Pack and unpack a message in Go\n\n foo := &pb.Foo{...}\n any, err := ptypes.MarshalAny(foo)\n ...\n foo := &pb.Foo{}\n if err := ptypes.UnmarshalAny(any, foo); err != nil {\n ...\n }\n\nThe pack methods provided by protobuf library will by default use\n'type.googleapis.com/full.type.name' as the type URL and the unpack\nmethods only use the fully qualified type name after the last '/'\nin the type URL, for example \"foo.bar.com/x/y.z\" will yield type\nname \"y.z\".\n\n\nJSON\n====\nThe JSON representation of an `Any` value uses the regular\nrepresentation of the deserialized, embedded message, with an\nadditional field `@type` which contains the type URL. Example:\n\n package google.profile;\n message Person {\n string first_name = 1;\n string last_name = 2;\n }\n\n {\n \"@type\": \"type.googleapis.com/google.profile.Person\",\n \"firstName\": <string>,\n \"lastName\": <string>\n }\n\nIf the embedded message type is well-known and has a custom JSON\nrepresentation, that representation will be embedded adding a field\n`value` which holds the custom JSON in addition to the `@type`\nfield. Example (for message [google.protobuf.Duration][]):\n\n {\n \"@type\": \"type.googleapis.com/google.protobuf.Duration\",\n \"value\": \"1.212s\"\n }","properties":{"type_url":{"type":"string","description":"A URL/resource name that uniquely identifies the type of the serialized\nprotocol buffer message. This string must contain at least\none \"/\" character. The last segment of the URL's path must represent\nthe fully qualified name of the type (as in\n`path/google.protobuf.Duration`). The name should be in a canonical form\n(e.g., leading \".\" is not accepted).\n\nIn practice, teams usually precompile into the binary all types that they\nexpect it to use in the context of Any. However, for URLs which use the\nscheme `http`, `https`, or no scheme, one can optionally set up a type\nserver that maps type URLs to message definitions as follows:\n\n* If no scheme is provided, `https` is assumed.\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\n value in binary format, or produce an error.\n* Applications are allowed to cache lookup results based on the\n URL, or have them precompiled into a binary to avoid any\n lookup. Therefore, binary compatibility needs to be preserved\n on changes to types. (Use versioned type names to manage\n breaking changes.)\n\nNote: this functionality is not currently available in the official\nprotobuf release, and it is not used for type URLs beginning with\ntype.googleapis.com.\n\nSchemes other than `http`, `https` (or the empty scheme) might be\nused with implementation specific semantics."},"value":{"type":"string","description":"Must be a valid serialized protocol buffer of the above specified type.","format":"byte"}}},"schemaAppRoleAuthInfoType":{"type":"object","description":"AppRoleAuthInfoType contains parameters for AppRole authentication in Hashicorp Vault","title":"AppRoleAuthInfoType","x-displayname":"Vault AppRole Authentication Parameters","x-ves-proto-message":"ves.io.schema.AppRoleAuthInfoType","properties":{"role_id":{"type":"string","description":" role-id to be used for authentication\n\nExample: ` \"value\"`","title":"role-id","x-displayname":"Role ID","x-ves-example":"value"},"secret_id":{"$ref":"#/components/schemas/schemaSecretType"}}},"schemaAuthnTypeBasicAuth":{"type":"object","description":"AuthnTypeBasicAuth is used for using basic_auth mode of HTTP authentication","title":"AuthnTypeBasicAuth","x-displayname":"BasicAuth Authentication Parameters","x-ves-proto-message":"ves.io.schema.AuthnTypeBasicAuth","properties":{"password":{"$ref":"#/components/schemas/schemaSecretType"},"username":{"type":"string","description":" The username to encode in Basic Auth scheme\n\nExample: ` \"value\"`","title":"username","x-displayname":"Username","x-ves-example":"value"}}},"schemaAuthnTypeHeaders":{"type":"object","description":"AuthnTypeHeaders is used for setting headers for authentication","title":"AuthnTypeHeaders","x-displayname":"Authentication Headers","x-ves-proto-message":"ves.io.schema.AuthnTypeHeaders","properties":{"headers":{"type":"object","description":" The set of authentication headers to pass in HTTP request\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 256\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.max_pairs: 16\n","title":"headers","x-displayname":"Headers","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"256","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.max_pairs":"16"}}}},"schemaAuthnTypeQueryParams":{"type":"object","description":"AuthnTypeQueryParams is used for setting query_params for authentication","title":"AuthnTypeQueryParams","x-displayname":"Authentication QueryParams","x-ves-proto-message":"ves.io.schema.AuthnTypeQueryParams","properties":{"query_params":{"type":"object","description":" The set of authentication parameters to be passed as query parameters\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 256\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.max_pairs: 16\n","title":"query_params","x-displayname":"Query Parameters","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"256","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.max_pairs":"16"}}}},"schemaBlindfoldSecretInfoType":{"type":"object","description":"BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management","title":"BlindfoldSecretInfoType","x-displayname":"Blindfold Secret","x-ves-displayorder":"3,1,2","x-ves-proto-message":"ves.io.schema.BlindfoldSecretInfoType","properties":{"decryption_provider":{"type":"string","description":" Name of the Secret Management Access object that contains information about the backend Secret Management service.\n\nExample: ` \"value\"`","title":"Decryption Provider","x-displayname":"Decryption Provider","x-ves-example":"value"},"location":{"type":"string","description":" Location is the uri_ref. It could be in url format for string:///\n Or it could be a path if the store provider is an http/https location\n\nExample: ` \"string:///U2VjcmV0SW5mb3JtYXRpb24=\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.uri_ref: true\n","title":"Location","x-displayname":"Location","x-ves-example":"string:///U2VjcmV0SW5mb3JtYXRpb24=","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.uri_ref":"true"}},"store_provider":{"type":"string","description":" Name of the Secret Management Access object that contains information about the store to get encrypted bytes\n This field needs to be provided only if the url scheme is not string:///\n\nExample: ` \"value\"`","title":"Store Provider","x-displayname":"Store Provider","x-ves-example":"value"}}},"schemaClearSecretInfoType":{"type":"object","description":"ClearSecretInfoType specifies information about the Secret that is not encrypted.","title":"ClearSecretInfoType","x-displayname":"In-Clear Secret","x-ves-displayorder":"2,1","x-ves-proto-message":"ves.io.schema.ClearSecretInfoType","properties":{"provider":{"type":"string","description":" Name of the Secret Management Access object that contains information about the store to get encrypted bytes\n This field needs to be provided only if the url scheme is not string:///\n\nExample: ` \"box-provider\"`","title":"Provider","x-displayname":"Provider","x-ves-example":"box-provider"},"url":{"type":"string","description":" URL of the secret. Currently supported URL schemes is string:///.\n For string:/// scheme, Secret needs to be encoded Base64 format.\n When asked for this secret, caller will get Secret bytes after Base64 decoding.\n\nExample: ` \"string:///U2VjcmV0SW5mb3JtYXRpb24=\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_bytes: 131072\n ves.io.schema.rules.string.uri_ref: true\n","title":"URL","maxLength":131072,"x-displayname":"URL","x-ves-example":"string:///U2VjcmV0SW5mb3JtYXRpb24=","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_bytes":"131072","ves.io.schema.rules.string.uri_ref":"true"}}}},"schemaConditionType":{"type":"object","description":"Conditions are used in the object status to describe the current state of the\nobject, e.g. Ready, Succeeded, etc.","title":"ConditionType","x-displayname":"Status Condition","x-ves-proto-message":"ves.io.schema.ConditionType","properties":{"hostname":{"type":"string","description":" Hostname of the instance of the site that sent the status","title":"hostname","x-displayname":"Hostname"},"last_update_time":{"type":"string","description":" Last time the condition was updated","title":"last_update_time","format":"date-time","x-displayname":"Last Updated"},"reason":{"type":"string","description":" x-reason: \"Insufficient memory in data plane\"\n A human readable string explaining the reason for reaching this condition\n\nExample: ` \"value\"`","title":"reason","x-displayname":"Reason","x-ves-example":"value"},"service_name":{"type":"string","description":" Name of the service that sent the status","title":"service name","x-displayname":"Service Name"},"status":{"type":"string","description":" Status of the condition\n \"Success\" Validtion has succeded. Requested operation was successful.\n \"Failed\" Validation has failed.\n \"Incomplete\" Validation of configuration has failed due to missing configuration.\n \"Installed\" Validation has passed and configuration has been installed in data path or K8s\n \"Down\" Configuration is operationally down. e.g. down interface\n \"Disabled\" Configuration is administratively disabled i.e. ObjectMetaType.Disable = true.\n \"NotApplicable\" Configuration is not applicable e.g. tenant service_policy_set(s) in system namespace are not applicable on REs\n\nExample: ` \"Failed\"`\n\nValidation Rules:\n ves.io.schema.rules.string.in: [\\\"Success\\\",\\\"Failed\\\",\\\"Incomplete\\\",\\\"Installed\\\",\\\"Down\\\",\\\"Disabled\\\",\\\"NotApplicable\\\"]\n","title":"status","x-displayname":"Status","x-ves-example":"Failed","x-ves-validation-rules":{"ves.io.schema.rules.string.in":"[\\\"Success\\\",\\\"Failed\\\",\\\"Incomplete\\\",\\\"Installed\\\",\\\"Down\\\",\\\"Disabled\\\",\\\"NotApplicable\\\"]"}},"type":{"type":"string","description":" Type of the condition\n \"Validation\" represents validation user given configuration object\n \"Operational\" represents operational status of a given configuration object\n\nExample: ` \"Operational\"`\n\nValidation Rules:\n ves.io.schema.rules.string.in: [\\\"Validation\\\",\\\"Operational\\\"]\n","title":"type","x-displayname":"Type","x-ves-example":"Operational","x-ves-validation-rules":{"ves.io.schema.rules.string.in":"[\\\"Validation\\\",\\\"Operational\\\"]"}}}},"schemaErrorCode":{"type":"string","description":"Union of all possible error-codes from system\n\n - EOK: No error\n - EPERMS: Permissions error\n - EBADINPUT: Input is not correct\n - ENOTFOUND: Not found\n - EEXISTS: Already exists\n - EUNKNOWN: Unknown/catchall error\n - ESERIALIZE: Error in serializing/de-serializing\n - EINTERNAL: Server error\n - EPARTIAL: Partial error","title":"ErrorCode","enum":["EOK","EPERMS","EBADINPUT","ENOTFOUND","EEXISTS","EUNKNOWN","ESERIALIZE","EINTERNAL","EPARTIAL"],"default":"EOK","x-displayname":"Error Code","x-ves-proto-enum":"ves.io.schema.ErrorCode"},"schemaErrorType":{"type":"object","description":"Information about a error in API operation","title":"ErrorType","x-displayname":"Error Type","x-ves-proto-message":"ves.io.schema.ErrorType","properties":{"code":{"$ref":"#/components/schemas/schemaErrorCode"},"error_obj":{"$ref":"#/components/schemas/protobufAny"},"message":{"type":"string","description":" A human readable string of the error\n\nExample: ` \"value\"`","title":"message","x-displayname":"Message","x-ves-example":"value"}}},"schemaHashAlgorithm":{"type":"string","description":"Specifies the Hash Algorithm to be used\n\nInvalid hash algorithm\nsha256 hash algorithm\nsha1 hash algorithm","title":"HashAlgoritm","enum":["INVALID_HASH_ALGORITHM","SHA256","SHA1"],"default":"INVALID_HASH_ALGORITHM","x-displayname":"Hash Algorithm","x-ves-proto-enum":"ves.io.schema.HashAlgorithm"},"schemaHashAlgorithms":{"type":"object","description":"Specifies the hash algorithms to be used","title":"HashAlgorithms","x-displayname":"Hash Algorithms","x-ves-proto-message":"ves.io.schema.HashAlgorithms","properties":{"hash_algorithms":{"type":"array","description":" Ordered list of hash algorithms to be used.\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 4\n ves.io.schema.rules.repeated.min_items: 1\n ves.io.schema.rules.repeated.unique: true\n","title":"Hash Algorithms","minItems":1,"maxItems":4,"items":{"$ref":"#/components/schemas/schemaHashAlgorithm"},"x-displayname":"Hash Algorithms","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"4","ves.io.schema.rules.repeated.min_items":"1","ves.io.schema.rules.repeated.unique":"true"}}}},"schemaHostAccessInfoType":{"type":"object","description":"HostAccessInfoType contains the information about how to connect to the remote host.","title":"HostAccessInfoType","x-displayname":"Host Access Information","x-ves-oneof-field-auth_params":"[\"rest_auth_info\",\"vault_auth_info\"]","x-ves-proto-message":"ves.io.schema.HostAccessInfoType","properties":{"rest_auth_info":{"$ref":"#/components/schemas/schemaRestAuthInfoType"},"scheme":{"$ref":"#/components/schemas/schemaURLSchemeType"},"server_endpoint":{"type":"string","description":" endpoint to connect to, in host:port format\n\nExample: ` \"webserver:443\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 256\n ves.io.schema.rules.string.min_len: 1\n","title":"server_endpoint","minLength":1,"maxLength":256,"x-displayname":"Server Endpoint and Port","x-ves-example":"webserver:443","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"256","ves.io.schema.rules.string.min_len":"1"}},"tls_config":{"$ref":"#/components/schemas/schemaUpstreamTlsParamsType"},"vault_auth_info":{"$ref":"#/components/schemas/schemaVaultAuthInfoType"}}},"schemaInitializerType":{"type":"object","description":"Initializer is information about an initializer that has not yet completed.","title":"InitializerType","x-displayname":"Initializer","x-ves-proto-message":"ves.io.schema.InitializerType","properties":{"name":{"type":"string","description":" name of the service that is responsible for initializing this object.","title":"name","x-displayname":"Name"}}},"schemaInitializersType":{"type":"object","description":"Initializers tracks the progress of initialization of a configuration object","title":"InitializersType","x-displayname":"Initializers","x-ves-proto-message":"ves.io.schema.InitializersType","properties":{"pending":{"type":"array","description":" Pending is a list of initializers that must execute in order before this object is initialized.\n When the last pending initializer is removed, and no failing result is set, the initializers\n struct will be set to nil and the object is considered as initialized and visible to all\n clients.","title":"pending","items":{"$ref":"#/components/schemas/schemaInitializerType"},"x-displayname":"Pending"},"result":{"$ref":"#/components/schemas/schemaStatusType"}}},"schemaNetworkRefType":{"type":"object","description":"This specifies a direct reference to a network configuration object","title":"NetworkRefType","x-displayname":"Network Reference","x-ves-proto-message":"ves.io.schema.NetworkRefType","properties":{"ref":{"type":"array","description":" A virtual network direct reference\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 1\n","title":"ref","maxItems":1,"items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Reference","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"1"}}}},"schemaNetworkSiteRefSelector":{"type":"object","description":"NetworkSiteRefSelector defines a union of reference to site or reference to virtual_network or reference to virtual_site\nIt is used to determine virtual network using following rules\n * Direct reference to virtual_network object\n * Site local network when refering to site object\n * All site local networks for sites selected by refering to virtual_site object","title":"NetworkSiteRefSelector","x-displayname":"Network or Site Reference","x-ves-oneof-field-ref_or_selector":"[\"site\",\"virtual_network\",\"virtual_site\"]","x-ves-proto-message":"ves.io.schema.NetworkSiteRefSelector","properties":{"site":{"$ref":"#/components/schemas/schemaSiteRefType"},"virtual_network":{"$ref":"#/components/schemas/schemaNetworkRefType"},"virtual_site":{"$ref":"#/components/schemas/schemaVSiteRefType"}}},"schemaObjectCreateMetaType":{"type":"object","description":"ObjectCreateMetaType is metadata that can be specified in Create request of an object.","title":"ObjectCreateMetaType","x-displayname":"Create Metadata","x-ves-proto-message":"ves.io.schema.ObjectCreateMetaType","properties":{"annotations":{"type":"object","description":" Annotations is an unstructured key value map stored with a resource that may be\n set by external tools to store and retrieve arbitrary metadata. They are not\n queryable and should be preserved when modifying objects.\n\nExample: ` \"value\"`\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 64\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.values.string.max_len: 1024\n ves.io.schema.rules.map.values.string.min_len: 1\n","title":"annotations","x-displayname":"Annotation","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"64","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.values.string.max_len":"1024","ves.io.schema.rules.map.values.string.min_len":"1"}},"description":{"type":"string","description":" Human readable description for the object\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 1200\n","title":"description","maxLength":1200,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"1200"}},"disable":{"type":"boolean","description":" A value of true will administratively disable the object\n\nExample: ` \"true\"`","title":"disable","format":"boolean","x-displayname":"Disable"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the user. Values specified here will be used\n by selector expression\n\nExample: ` \"value\"`","title":"labels","x-displayname":"Labels"},"name":{"type":"string","description":" This is the name of configuration object. It has to be unique within the namespace.\n It can only be specified during create API and cannot be changed during replace API.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" This defines the workspace within which each the configuration object is to be created.\n Must be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"\n\nExample: ` \"staging\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"staging"}}},"schemaObjectGetMetaType":{"type":"object","description":"ObjectGetMetaType is metadata that can be specified in Get/Create response of an object.","title":"ObjectGetMetaType","x-displayname":"Get Metadata","x-ves-proto-message":"ves.io.schema.ObjectGetMetaType","properties":{"annotations":{"type":"object","description":" Annotations is an unstructured key value map stored with a resource that may be\n set by external tools to store and retrieve arbitrary metadata. They are not\n queryable and should be preserved when modifying objects.\n\nExample: ` \"value\"`\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 64\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.values.string.max_len: 1024\n ves.io.schema.rules.map.values.string.min_len: 1\n","title":"annotations","x-displayname":"Annotation","x-ves-example":"value","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"64","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.values.string.max_len":"1024","ves.io.schema.rules.map.values.string.min_len":"1"}},"description":{"type":"string","description":" Human readable description for the object\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 1200\n","title":"description","maxLength":1200,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"1200"}},"disable":{"type":"boolean","description":" A value of true will administratively disable the object\n\nExample: ` \"true\"`","title":"disable","format":"boolean","x-displayname":"Disable","x-ves-example":"true"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the user. Values specified here will be used\n by selector expression\n\nExample: ` \"value\"`","title":"labels","x-displayname":"Labels","x-ves-example":"value"},"name":{"type":"string","description":" This is the name of configuration object. It has to be unique within the namespace.\n It can only be specified during create API and cannot be changed during replace API.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" This defines the workspace within which each the configuration object is to be created.\n Must be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"\n\nExample: ` \"staging\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"staging"}}},"schemaObjectRefType":{"type":"object","description":"This type establishes a 'direct reference' from one object(the referrer) to another(the referred).\nSuch a reference is in form of tenant/namespace/name for public API and Uid for private API\nThis type of reference is called direct because the relation is explicit and concrete (as opposed\nto selector reference which builds a group based on labels of selectee objects)","title":"ObjectRefType","x-displayname":"Object reference","x-ves-proto-message":"ves.io.schema.ObjectRefType","properties":{"kind":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then kind will hold the referred object's kind (e.g. \"route\")\n\nExample: ` \"virtual_site\"`","title":"kind","x-displayname":"Kind","x-ves-example":"virtual_site"},"name":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then name will hold the referred object's(e.g. route's) name.\n\nExample: ` \"contactus-route\"`","title":"name","x-displayname":"Name","x-ves-example":"contactus-route"},"namespace":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then namespace will hold the referred object's(e.g. route's) namespace.\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"tenant":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then tenant will hold the referred object's(e.g. route's) tenant.\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then uid will hold the referred object's(e.g. route's) uid.\n\nExample: ` \"d15f1fad-4d37-48c0-8706-df1824d76d31\"`","title":"uid","x-displayname":"UID","x-ves-example":"d15f1fad-4d37-48c0-8706-df1824d76d31"}}},"schemaObjectReplaceMetaType":{"type":"object","description":"ObjectReplaceMetaType is metadata that can be specified in Replace request of an object.","title":"ObjectReplaceMetaType","x-displayname":"Replace Metadata","x-ves-proto-message":"ves.io.schema.ObjectReplaceMetaType","properties":{"annotations":{"type":"object","description":" Annotations is an unstructured key value map stored with a resource that may be\n set by external tools to store and retrieve arbitrary metadata. They are not\n queryable and should be preserved when modifying objects.\n\nExample: ` \"value\"`\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 64\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.values.string.max_len: 1024\n ves.io.schema.rules.map.values.string.min_len: 1\n","title":"annotations","x-displayname":"Annotations","x-ves-example":"value","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"64","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.values.string.max_len":"1024","ves.io.schema.rules.map.values.string.min_len":"1"}},"description":{"type":"string","description":" Human readable description for the object\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 1200\n","title":"description","maxLength":1200,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"1200"}},"disable":{"type":"boolean","description":" A value of true will administratively disable the object\n\nExample: ` \"true\"`","title":"disable","format":"boolean","x-displayname":"Disable"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the user. Values specified here will be used\n by selector expression\n\nExample: ` \"value\"`","title":"labels","x-displayname":"Labels","x-ves-example":"value"},"name":{"type":"string","description":" This is the name of configuration object. It has to be unique within the namespace.\n It can only be specified during create API and cannot be changed during replace API.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" This defines the workspace within which each the configuration object is to be created.\n Must be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"\n\nExample: ` \"staging\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"staging"}}},"schemaRestAuthInfoType":{"type":"object","description":"Authentication parameters for REST based hosts","title":"RestAuthInfoType","x-displayname":"Rest Authentication Parameters","x-ves-oneof-field-auth_params":"[\"basic_auth\",\"headers_auth\",\"query_params_auth\"]","x-ves-proto-message":"ves.io.schema.RestAuthInfoType","properties":{"basic_auth":{"$ref":"#/components/schemas/schemaAuthnTypeBasicAuth"},"headers_auth":{"$ref":"#/components/schemas/schemaAuthnTypeHeaders"},"query_params_auth":{"$ref":"#/components/schemas/schemaAuthnTypeQueryParams"}}},"schemaSecretEncodingType":{"type":"string","description":"x-displayName: \"Secret Encoding\"\nSecretEncodingType defines the encoding type of the secret before handled by the Secret Management Service.\n\n - EncodingNone: x-displayName: \"None\"\nNo Encoding\n - EncodingBase64: Base64\n\nx-displayName: \"Base64\"\nBase64 encoding","title":"SecretEncodingType","enum":["EncodingNone","EncodingBase64"],"default":"EncodingNone"},"schemaSecretType":{"type":"object","description":"SecretType is used in an object to indicate a sensitive/confidential field","title":"SecretType","x-displayname":"Secret","x-ves-oneof-field-secret_info_oneof":"[\"blindfold_secret_info\",\"clear_secret_info\"]","x-ves-proto-message":"ves.io.schema.SecretType","properties":{"blindfold_secret_info":{"$ref":"#/components/schemas/schemaBlindfoldSecretInfoType"},"clear_secret_info":{"$ref":"#/components/schemas/schemaClearSecretInfoType"}}},"schemaSiteRefType":{"type":"object","description":"This specifies a direct reference to a site configuration object","title":"SiteRefType","x-displayname":"Site Reference","x-ves-oneof-field-internet_vip_choice":"[\"disable_internet_vip\",\"enable_internet_vip\"]","x-ves-proto-message":"ves.io.schema.SiteRefType","properties":{"disable_internet_vip":{"$ref":"#/components/schemas/ioschemaEmpty"},"enable_internet_vip":{"$ref":"#/components/schemas/ioschemaEmpty"},"network_type":{"$ref":"#/components/schemas/schemaVirtualNetworkType"},"ref":{"type":"array","description":" A site direct reference\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 1\n","title":"ref","maxItems":1,"items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Reference","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"1"}}}},"schemaStatusMetaType":{"type":"object","description":"StatusMetaType is metadata that all status must have.","title":"StatusMetaType","x-displayname":"Metadata","x-ves-proto-message":"ves.io.schema.StatusMetaType","properties":{"creation_timestamp":{"type":"string","description":" creation_timestamp is when the status object was created. It is used to find/tie-break\n for latest status object from same origin","title":"creation_timestamp","format":"date-time","x-displayname":"Creation Timestamp"},"creator_class":{"type":"string","description":" Class of creator which created this StatusObject. This will be service's DNS FQDN.\n This will be set by the system based on client certificate information.\n\nExample: ` \"ver.re1.int.ves.io\"`","title":"creator_class","x-displayname":"Creator Class","x-ves-example":"ver.re1.int.ves.io"},"creator_id":{"type":"string","description":" ID of creator which created this StatusObject. This will be a concrete identifier for service (e.g.\n identifying the environment also). This will be set by the system based on client certificate\n information\n\nExample: ` \"ver-instance-1\"`","title":"creator_id","x-displayname":"Creator ID","x-ves-example":"ver-instance-1"},"publish":{"$ref":"#/components/schemas/schemaStatusPublishType"},"status_id":{"type":"string","description":" status_id is a field used by the generator to distinguish (if necessary) between two status\n objects for the same config object from the same site and same service and potentially same\n daemon(creator-id)","title":"status_id","x-displayname":"Status ID"},"uid":{"type":"string","description":" uid is the unique in time and space value for a StatusObject.\n\nExample: ` \"d15f1fad-4d37-48c0-8706-df1824d76d31\"`","title":"uid","x-displayname":"UID","x-ves-example":"d15f1fad-4d37-48c0-8706-df1824d76d31"},"vtrp_id":{"type":"string","description":" Origin of this status exchanged by VTRP.","title":"vtrp_id","x-displayname":"VTRP ID"},"vtrp_stale":{"type":"boolean","description":" Indicate whether mars deems this object to be stale via graceful restart timer information","title":"vtrp_stale","format":"boolean","x-displayname":"VTRP Stale"}}},"schemaStatusPublishType":{"type":"string","description":"StatusPublishType is all possible publish operations on a StatusObject\n\n - STATUS_DO_NOT_PUBLISH: Do Not Publish\n\nDo not propagate this status to user. This could be because status is only informational\n - STATUS_PUBLISH: Publish\n\nPropagate this status up to user as it might be actionable","title":"StatusPublishType","enum":["STATUS_DO_NOT_PUBLISH","STATUS_PUBLISH"],"default":"STATUS_DO_NOT_PUBLISH","x-displayname":"Status Publish Type","x-ves-proto-enum":"ves.io.schema.StatusPublishType"},"schemaStatusType":{"type":"object","description":"Status is a return value for calls that don't return other objects.","title":"StatusType","x-displayname":"Status","x-ves-proto-message":"ves.io.schema.StatusType","properties":{"code":{"type":"integer","description":" Suggested HTTP return code for this status, 0 if not set.\n\nExample: ` \"0\"`","title":"code","format":"int32","x-displayname":"Code","x-ves-example":"0"},"reason":{"type":"string","description":" A human-readable description of why this operation is in the\n \"Failure\" status. If this value is empty there\n is no information available.\n\nExample: ` \"value\"`","title":"reason","x-displayname":"Reason","x-ves-example":"value"},"status":{"type":"string","description":" Status of the operation.\n One of: \"Success\" or \"Failure\".\n\nExample: ` \"value\"`","title":"status","x-displayname":"Status","x-ves-example":"value"}}},"schemaSystemObjectGetMetaType":{"type":"object","description":"SystemObjectGetMetaType is metadata generated or populated by the system for all persisted objects and\ncannot be updated directly by users.","title":"SystemObjectGetMetaType","x-displayname":"System Metadata","x-ves-proto-message":"ves.io.schema.SystemObjectGetMetaType","properties":{"creation_timestamp":{"type":"string","description":" CreationTimestamp is a timestamp representing the server time when this object was\n created. It is not guaranteed to be set in happens-before order across separate operations.\n Clients may not set this value. It is represented in RFC3339 form and is in UTC.","title":"creation_timestamp","format":"date-time","x-displayname":"Creation Timestamp"},"creator_class":{"type":"string","description":" A value identifying the class of the user or service which created this configuration object.\n\nExample: ` \"value\"`","title":"creator_class","x-displayname":"Creator Class","x-ves-example":"prism"},"creator_id":{"type":"string","description":" A value identifying the exact user or service that created this configuration object\n\nExample: ` \"value\"`","title":"creator_id","x-displayname":"Creator ID","x-ves-example":"admin@acmecorp.com"},"deletion_timestamp":{"type":"string","description":" DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This\n field is set by the server when a graceful deletion is requested by the user, and is not\n directly settable by a client. The resource is expected to be deleted (no longer visible\n from resource lists, and not reachable by name) after the time in this field, once the\n finalizers list is empty. As long as the finalizers list contains items, deletion is blocked.\n Once the deletionTimestamp is set, this value may not be unset or be set further into the\n future, although it may be shortened or the resource may be deleted prior to this time.\n For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react\n by sending a graceful termination signal to the containers in the pod. After that 30 seconds,\n the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup,\n remove the pod from the API. In the presence of network partitions, this object may still\n exist after this timestamp, until an administrator or automated process can determine the\n resource is fully terminated.\n If not set, graceful deletion of the object has not been requested.\n\n Populated by the system when a graceful deletion is requested.\n Read-only.","title":"deletion_timestamp","format":"date-time","x-displayname":"Deletion Timestamp"},"finalizers":{"type":"array","description":" Must be empty before the object is deleted from the registry. Each entry\n is an identifier for the responsible component that will remove the entry\n from the list. If the deletionTimestamp of the object is non-nil, entries\n in this list can only be removed.\n\nExample: ` \"value\"`","title":"finalizers","items":{"type":"string"},"x-displayname":"Finalizers","x-ves-example":"value"},"initializers":{"$ref":"#/components/schemas/schemaInitializersType"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the operator or software. Values here can be interpreted\n by software(backend or frontend) to enable certain behavior e.g. things marked as soft-deleted(restorable).\n\nExample: ` \"'ves.io/soft-deleted''true'\"`","title":"labels","x-displayname":"Labels","x-ves-example":"'ves.io/soft-deleted': 'true'"},"modification_timestamp":{"type":"string","description":" ModificationTimestamp is a timestamp representing the server time when this object was\n last modified.","title":"modification_timestamp","format":"date-time","x-displayname":"Modification Timestamp"},"object_index":{"type":"integer","description":" Unique index for the object. Some objects need a unique integer index to be allocated\n for each object type. This field will be populated for all objects that need it and will\n be zero otherwise.\n\nExample: ` \"0\"`","title":"object_index","format":"int64","x-displayname":"Object Index","x-ves-example":"0"},"owner_view":{"$ref":"#/components/schemas/schemaViewRefType"},"tenant":{"type":"string","description":" Tenant to which this configuration object belongs to. The value for this is found from\n presented credentials.\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" uid is the unique in time and space value for this object. It is generated by\n the server on successful creation of an object and is not allowed to change on Replace\n API. The value of is taken from uid field of ObjectMetaType, if provided.\n\nExample: ` \"d15f1fad-4d37-48c0-8706-df1824d76d31\"`","title":"uid","x-displayname":"UID","x-ves-example":"d15f1fad-4d37-48c0-8706-df1824d76d31"}}},"schemaTlsCertificateType":{"type":"object","description":"Handle to fetch certificate and key","title":"TlsCertificateType","x-displayname":"TLS Certificate","x-ves-oneof-field-ocsp_stapling_choice":"[\"custom_hash_algorithms\",\"disable_ocsp_stapling\",\"use_system_defaults\"]","x-ves-proto-message":"ves.io.schema.TlsCertificateType","properties":{"certificate_url":{"type":"string","description":" TLS certificate.\n Certificate or certificate chain in PEM format including the PEM headers.\n\nExample: ` \"value\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.certificate_url: true\n ves.io.schema.rules.string.max_bytes: 131072\n ves.io.schema.rules.string.min_bytes: 1\n","title":"certificate_url","minLength":1,"maxLength":131072,"x-displayname":"Certificate","x-ves-example":"value","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.certificate_url":"true","ves.io.schema.rules.string.max_bytes":"131072","ves.io.schema.rules.string.min_bytes":"1"}},"custom_hash_algorithms":{"$ref":"#/components/schemas/schemaHashAlgorithms"},"description":{"type":"string","description":" Description for the certificate\n\nExample: ` \"Certificate used in production environment\"`","title":"description","x-displayname":"Description","x-ves-example":"Certificate used in production environment"},"disable_ocsp_stapling":{"$ref":"#/components/schemas/ioschemaEmpty"},"private_key":{"$ref":"#/components/schemas/schemaSecretType"},"use_system_defaults":{"$ref":"#/components/schemas/ioschemaEmpty"}}},"schemaTlsParamsType":{"type":"object","description":"Information of different aspects for TLS authentication related to ciphers,\ncertificates and trust store","title":"TlsParamsType","x-displayname":"TLS Parameters","x-ves-displayorder":"4,7,1,2,3","x-ves-proto-message":"ves.io.schema.TlsParamsType","properties":{"cipher_suites":{"type":"array","description":" The following list specifies the supported cipher suite\n TLS_AES_128_GCM_SHA256\n TLS_AES_256_GCM_SHA384\n TLS_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\n TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\n TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\n TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\n TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\n TLS_RSA_WITH_AES_128_CBC_SHA\n TLS_RSA_WITH_AES_128_GCM_SHA256\n TLS_RSA_WITH_AES_256_CBC_SHA\n TLS_RSA_WITH_AES_256_GCM_SHA384\n\n If not specified, the default list:\n TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\n TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n will be used.\n\nExample: ` \"TLS_AES_128_GCM_SHA256\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.in: [\\\"TLS_AES_128_GCM_SHA256\\\",\\\"TLS_AES_256_GCM_SHA384\\\",\\\"TLS_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_256_GCM_SHA384\\\"]\n ves.io.schema.rules.repeated.unique: true\n","title":"cipher_suites","items":{"type":"string"},"x-displayname":"Cipher Suites","x-ves-example":"TLS_AES_128_GCM_SHA256","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.in":"[\\\"TLS_AES_128_GCM_SHA256\\\",\\\"TLS_AES_256_GCM_SHA384\\\",\\\"TLS_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_256_GCM_SHA384\\\"]","ves.io.schema.rules.repeated.unique":"true"}},"maximum_protocol_version":{"$ref":"#/components/schemas/schemaTlsProtocol"},"minimum_protocol_version":{"$ref":"#/components/schemas/schemaTlsProtocol"},"tls_certificates":{"type":"array","description":" Set of TLS certificates","title":"tls_certificates","items":{"$ref":"#/components/schemas/schemaTlsCertificateType"},"x-displayname":"TLS Certificates"},"validation_params":{"$ref":"#/components/schemas/schemaTlsValidationParamsType"}}},"schemaTlsProtocol":{"type":"string","description":"TlsProtocol is enumeration of supported TLS versions\n\nF5 Distributed Cloud will choose the optimal TLS version.","title":"TlsProtocol","enum":["TLS_AUTO","TLSv1_0","TLSv1_1","TLSv1_2","TLSv1_3"],"default":"TLS_AUTO","x-displayname":"TLS Protocol","x-ves-proto-enum":"ves.io.schema.TlsProtocol"},"schemaTlsValidationParamsType":{"type":"object","description":"This includes URL for a trust store, whether SAN verification is required\nand list of Subject Alt Names for verification","title":"TlsValidationParamsType","x-displayname":"TLS Certificate Validation Parameters","x-ves-oneof-field-trusted_ca_choice":"[\"trusted_ca\",\"trusted_ca_url\"]","x-ves-proto-message":"ves.io.schema.TlsValidationParamsType","properties":{"skip_hostname_verification":{"type":"boolean","description":" When True, skip verification of hostname i.e. CN/Subject Alt Name of certificate\n is not matched to the connecting hostname","title":"skip_hostname_verification","format":"boolean","x-displayname":"Skip verification of hostname"},"trusted_ca":{"$ref":"#/components/schemas/schemaTrustedCAList"},"trusted_ca_url":{"type":"string","description":"Exclusive with [trusted_ca]\n Inline Root CA Certificate\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 131072\n ves.io.schema.rules.string.truststore_url: true\n","title":"trusted_ca_url","maxLength":131072,"x-displayname":"Inline Root CA Certificate (legacy)","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"131072","ves.io.schema.rules.string.truststore_url":"true"}},"verify_subject_alt_names":{"type":"array","description":" List of acceptable Subject Alt Names/CN in the peer's certificate.\n When skip_hostname_verification is false and verify_subject_alt_names is empty,\n the hostname of the peer will be used for matching against SAN/CN of peer's certificate\n\nExample: ` \"value\"`","title":"verify_subject_alt_names","items":{"type":"string"},"x-displayname":"List of SANs for matching","x-ves-example":"value"}}},"schemaTrustedCAList":{"type":"object","description":"Reference to Root CA Certificate","title":"Root CA Certificate","x-displayname":"Root CA Certificate Reference","x-ves-proto-message":"ves.io.schema.TrustedCAList","properties":{"trusted_ca_list":{"type":"array","description":" Reference to Root CA Certificate\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 1\n","title":"Root CA Certificate","maxItems":1,"items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Root CA Certificate Reference","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"1"}}}},"schemaURLSchemeType":{"type":"string","description":"SchemeType is used to indicate URL scheme\n\nhttp:// scheme\nhttps:// scheme","title":"URLSchemeType","enum":["HTTP","HTTPS"],"default":"HTTP","x-displayname":"URL Scheme","x-ves-proto-enum":"ves.io.schema.URLSchemeType"},"schemaUpstreamCertificateParamsType":{"type":"object","description":"Certificate Parameters for authentication, TLS ciphers, and trust store","title":"UpstreamCertificateParamsType","x-displayname":"Upstream Certificate Parameters","x-ves-displayorder":"1,2,3,4,5","x-ves-proto-message":"ves.io.schema.UpstreamCertificateParamsType","properties":{"certificates":{"type":"array","description":" Client TLS Certificate required for mTLS authentication\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1\n ves.io.schema.rules.string.min_len: 1\n","title":"certificates","items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Client Certificate","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1","ves.io.schema.rules.string.min_len":"1"}},"cipher_suites":{"type":"array","description":" The following list specifies the supported cipher suite\n TLS_AES_128_GCM_SHA256\n TLS_AES_256_GCM_SHA384\n TLS_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\n TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\n TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\n TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\n TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\n TLS_RSA_WITH_AES_128_CBC_SHA\n TLS_RSA_WITH_AES_128_GCM_SHA256\n TLS_RSA_WITH_AES_256_CBC_SHA\n TLS_RSA_WITH_AES_256_GCM_SHA384\n\n If not specified, the default list:\n TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\n TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\n TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n will be used.\n\nExample: ` \"TLS_AES_128_GCM_SHA256\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.in: [\\\"TLS_AES_128_GCM_SHA256\\\",\\\"TLS_AES_256_GCM_SHA384\\\",\\\"TLS_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_256_GCM_SHA384\\\"]\n ves.io.schema.rules.repeated.unique: true\n","title":"cipher_suites","items":{"type":"string"},"x-displayname":"Cipher Suites","x-ves-example":"TLS_AES_128_GCM_SHA256","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.in":"[\\\"TLS_AES_128_GCM_SHA256\\\",\\\"TLS_AES_256_GCM_SHA384\\\",\\\"TLS_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\\\",\\\"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_128_GCM_SHA256\\\",\\\"TLS_RSA_WITH_AES_256_CBC_SHA\\\",\\\"TLS_RSA_WITH_AES_256_GCM_SHA384\\\"]","ves.io.schema.rules.repeated.unique":"true"}},"maximum_protocol_version":{"$ref":"#/components/schemas/schemaTlsProtocol"},"minimum_protocol_version":{"$ref":"#/components/schemas/schemaTlsProtocol"},"validation_params":{"$ref":"#/components/schemas/schemaTlsValidationParamsType"}}},"schemaUpstreamTlsParamsType":{"type":"object","description":"TLS configuration for upstream connections","title":"UpstreamTlsParamsType","x-displayname":"Upstream TLS Parameters","x-ves-displayorder":"5,6,8","x-ves-oneof-field-max_session_keys_type":"[\"default_session_key_caching\",\"disable_session_key_caching\",\"max_session_keys\"]","x-ves-oneof-field-sni_choice":"[\"disable_sni\",\"sni\",\"use_host_header_as_sni\"]","x-ves-oneof-field-tls_params_choice":"[\"cert_params\",\"common_params\"]","x-ves-proto-message":"ves.io.schema.UpstreamTlsParamsType","properties":{"cert_params":{"$ref":"#/components/schemas/schemaUpstreamCertificateParamsType"},"common_params":{"$ref":"#/components/schemas/schemaTlsParamsType"},"default_session_key_caching":{"$ref":"#/components/schemas/ioschemaEmpty"},"disable_session_key_caching":{"$ref":"#/components/schemas/ioschemaEmpty"},"disable_sni":{"$ref":"#/components/schemas/ioschemaEmpty"},"max_session_keys":{"type":"integer","description":"Exclusive with [default_session_key_caching disable_session_key_caching]\n x-example:\"25\"\n Number of session keys that are cached.\n\nValidation Rules:\n ves.io.schema.rules.uint32.gte: 2\n ves.io.schema.rules.uint32.lte: 64\n","title":"Max Session Keys Cached","format":"int64","x-displayname":"Max Session Keys Cached","x-ves-validation-rules":{"ves.io.schema.rules.uint32.gte":"2","ves.io.schema.rules.uint32.lte":"64"}},"sni":{"type":"string","description":"Exclusive with [disable_sni use_host_header_as_sni]\n SNI value to be used.\n\nValidation Rules:\n ves.io.schema.rules.string.hostname: true\n ves.io.schema.rules.string.max_len: 256\n","title":"sni","maxLength":256,"x-displayname":"SNI Value","x-ves-validation-rules":{"ves.io.schema.rules.string.hostname":"true","ves.io.schema.rules.string.max_len":"256"}},"use_host_header_as_sni":{"$ref":"#/components/schemas/ioschemaEmpty"}}},"schemaVSiteRefType":{"type":"object","description":"A reference to virtual_site object","title":"VSiteRefType","x-displayname":"Virtual Site","x-ves-oneof-field-internet_vip_choice":"[\"disable_internet_vip\",\"enable_internet_vip\"]","x-ves-proto-message":"ves.io.schema.VSiteRefType","properties":{"disable_internet_vip":{"$ref":"#/components/schemas/ioschemaEmpty"},"enable_internet_vip":{"$ref":"#/components/schemas/ioschemaEmpty"},"network_type":{"$ref":"#/components/schemas/schemaVirtualNetworkType"},"ref":{"type":"array","description":" A virtual_site direct reference\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 1\n","title":"ref","maxItems":1,"items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Reference","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"1"}}}},"schemaVaultAuthInfoType":{"type":"object","description":"Authentication parameters for Hashicorp Vault hosts","title":"VaultAuthTypeInfo","x-displayname":"Vault Authentication Parameters","x-ves-oneof-field-auth_params":"[\"app_role_auth\",\"token\"]","x-ves-proto-message":"ves.io.schema.VaultAuthInfoType","properties":{"app_role_auth":{"$ref":"#/components/schemas/schemaAppRoleAuthInfoType"},"token":{"$ref":"#/components/schemas/schemaSecretType"}}},"schemaVaultSecretInfoType":{"type":"object","description":"x-displayName: \"Vault Secret\"\nVaultSecretInfoType specifies information about the Secret managed by Hashicorp Vault.","title":"VaultSecretInfoType","properties":{"key":{"type":"string","description":"x-displayName: \"Key\"\nx-example: \"key_pem\"\nKey of the individual secret. Vault Secrets are stored as key-value pair.\nIf user is only interested in one value from the map, this field should be set to the corresponding key.\nIf not provided entire secret will be returned.","title":"Key"},"location":{"type":"string","description":"x-displayName: \"Location\"\nx-required\nx-example: \"v1/data/vhost_key\"\nPath to secret in Vault.","title":"Location"},"provider":{"type":"string","description":"x-displayName: \"Provider\"\nx-required\nx-example: \"vault-vh-provider\"\nName of the Secret Management Access object that contains information about the backend Vault.","title":"Provider"},"secret_encoding":{"$ref":"#/components/schemas/schemaSecretEncodingType"},"version":{"type":"integer","description":"x-displayName: \"Version\"\nx-example: \"1\"\nVersion of the secret to be fetched. As vault secrets are versioned, user can specify this field to fetch specific version.\nIf not provided latest version will be returned.","title":"Version","format":"int64"}}},"schemaViewRefType":{"type":"object","description":"ViewRefType represents a reference to a view","title":"ViewRefType","x-displayname":"View Reference","x-ves-proto-message":"ves.io.schema.ViewRefType","properties":{"kind":{"type":"string","description":" Kind of the view object\n\nExample: ` \"http_proxy\"`","title":"kind","x-displayname":"Kind","x-ves-example":"http_proxy"},"name":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then name will hold the referred object's(e.g. route's) name.\n\nExample: ` \"contactus-route\"`","title":"name","x-displayname":"Name","x-ves-example":"contactus-route"},"namespace":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then namespace will hold the referred object's(e.g. route's) namespace.\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"uid":{"type":"string","description":" UID of the view object\n\nExample: ` \"f3744323-1adf-4aaa-a5dc-0707c1d1bd82\"`","title":"uid","x-displayname":"UID","x-ves-example":"f3744323-1adf-4aaa-a5dc-0707c1d1bd82"}}},"schemaVirtualNetworkType":{"type":"string","description":"Different types of virtual networks understood by the system\n\nVirtual-network of type VIRTUAL_NETWORK_SITE_LOCAL provides connectivity to public (outside) network.\nThis is an insecure network and is connected to public internet via NAT Gateways/firwalls\nVirtual-network of this type is local to every site. Two virtual networks of this type on different\nsites are neither related nor connected.\n\nConstraints:\nThere can be atmost one virtual network of this type in a given site.\nThis network type is supported on CE sites. This network is created automatically and present on all sites\nVirtual-network of type VIRTUAL_NETWORK_SITE_LOCAL_INSIDE is a private network inside site.\nIt is a secure network and is not connected to public network.\nVirtual-network of this type is local to every site. Two virtual networks of this type on different\nsites are neither related nor connected.\n\nConstraints:\nThere can be atmost one virtual network of this type in a given site.\nThis network type is supported on CE sites. This network is created during provisioning of site\nUser defined per-site virtual network. Scope of this virtual network is limited to the site.\nThis is not yet supported\nVirtual-network of type VIRTUAL_NETWORK_PUBLIC directly conects to the public internet.\nVirtual-network of this type is local to every site. Two virtual networks of this type on different sites are neither related nor connected.\n\nConstraints:\nThere can be atmost one virtual network of this type in a given site.\nThis network type is supported on RE sites only\nIt is an internally created by the system. They must not be created by user\nVirtual Neworks with global scope across different sites in F5XC domain.\nAn example global virtual-network called \"AIN Network\" is created for every tenant.\nfor volterra fabric\n\nConstraints:\nIt is currently only supported as internally created by the system.\nvK8s service network for a given tenant. Used to advertise a virtual host only to vk8s pods for that tenant\nConstraints:\nIt is an internally created by the system. Must not be created by user\nVER internal network for the site. It can only be used for virtual hosts with SMA_PROXY type proxy\nConstraints:\nIt is an internally created by the system. Must not be created by user\nVirtual-network of type VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE represents both\nVIRTUAL_NETWORK_SITE_LOCAL and VIRTUAL_NETWORK_SITE_LOCAL_INSIDE\n\nConstraints:\nThis network type is only meaningful in an advertise policy\nWhen virtual-network of type VIRTUAL_NETWORK_IP_AUTO is selected for\nan endpoint, VER will try to determine the network based on the provided\nIP address\n\nConstraints:\nThis network type is only meaningful in an endpoint\n\nVoltADN Private Network is used on volterra RE(s) to connect to customer private networks\nThis network is created by opening a support ticket\n\nThis network is per site srv6 network\nVER IP Fabric network for the site.\nThis Virtual network type is used for exposing virtual host on IP Fabric network on the VER site or\nfor endpoint in IP Fabric network\nConstraints:\nIt is an internally created by the system. Must not be created by user\nNetwork internally created for a segment\nConstraints:\nIt is an internally created by the system. Must not be created by user","title":"VirtualNetworkType","enum":["VIRTUAL_NETWORK_SITE_LOCAL","VIRTUAL_NETWORK_SITE_LOCAL_INSIDE","VIRTUAL_NETWORK_PER_SITE","VIRTUAL_NETWORK_PUBLIC","VIRTUAL_NETWORK_GLOBAL","VIRTUAL_NETWORK_SITE_SERVICE","VIRTUAL_NETWORK_VER_INTERNAL","VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE","VIRTUAL_NETWORK_IP_AUTO","VIRTUAL_NETWORK_VOLTADN_PRIVATE_NETWORK","VIRTUAL_NETWORK_SRV6_NETWORK","VIRTUAL_NETWORK_IP_FABRIC","VIRTUAL_NETWORK_SEGMENT"],"default":"VIRTUAL_NETWORK_SITE_LOCAL","x-displayname":"Virtual Network Type","x-ves-proto-enum":"ves.io.schema.VirtualNetworkType"},"schemaWingmanSecretInfoType":{"type":"object","description":"x-displayName: \"Wingman Secret\"\nWingmanSecretInfoType specifies the handle to the wingman secret","title":"WingmanSecretInfoType","properties":{"name":{"type":"string","description":"x-displayName: \"Name\"\nx-required\nx-example: \"ChargeBack-API-Key\"\nName of the secret.","title":"Name"}}},"secret_management_accessCreateRequest":{"type":"object","description":"This is the input message of the 'Create' RPC","title":"CreateRequest is used to create an instance of secret_management_access","x-displayname":"Create Request","x-ves-proto-message":"ves.io.schema.secret_management_access.CreateRequest","properties":{"metadata":{"$ref":"#/components/schemas/schemaObjectCreateMetaType"},"spec":{"$ref":"#/components/schemas/secret_management_accessCreateSpecType"}}},"secret_management_accessCreateResponse":{"type":"object","x-ves-proto-message":"ves.io.schema.secret_management_access.CreateResponse","properties":{"metadata":{"$ref":"#/components/schemas/schemaObjectGetMetaType"},"spec":{"$ref":"#/components/schemas/secret_management_accessGetSpecType"},"system_metadata":{"$ref":"#/components/schemas/schemaSystemObjectGetMetaType"}}},"secret_management_accessCreateSpecType":{"type":"object","description":"Create secret_management_access creates a new object in storage backend for metadata.namespace.","title":"Create Secret Management Access Object","x-displayname":"Create Secret Management Access","x-ves-displayorder":"2,3,1","x-ves-proto-message":"ves.io.schema.secret_management_access.CreateSpecType","properties":{"access_info":{"$ref":"#/components/schemas/schemaHostAccessInfoType"},"provider_name":{"type":"string","description":" Name given to this secret management backend. site.provider needs to be unique, and will be referenced for using this object\n\nExample: ` \"vault_backend\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 256\n ves.io.schema.rules.string.min_len: 1\n","minLength":1,"maxLength":256,"x-displayname":"Provider Name","x-ves-example":"vault_backend","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"256","ves.io.schema.rules.string.min_len":"1"}},"where":{"$ref":"#/components/schemas/schemaNetworkSiteRefSelector"}}},"secret_management_accessDeleteRequest":{"type":"object","description":"This is the input message of the 'Delete' RPC.","title":"DeleteRequest is used to delete a secret_management_access","x-displayname":"Delete Request","x-ves-proto-message":"ves.io.schema.secret_management_access.DeleteRequest","properties":{"fail_if_referred":{"type":"boolean","description":" Fail the delete operation if this object is being referred by other objects","title":"fail_if_referred","format":"boolean","x-displayname":"Fail-If-Referred"},"name":{"type":"string","description":" Name of the configuration object\n\nExample: ` \"name\"`","title":"name","x-displayname":"Name","x-ves-example":"name"},"namespace":{"type":"string","description":" Namespace in which the configuration object is present\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"}}},"secret_management_accessGetResponse":{"type":"object","description":"This is the output message of the 'Get' RPC","title":"GetResponse is the shape of a read secret_management_access","x-displayname":"Get Response","x-ves-proto-message":"ves.io.schema.secret_management_access.GetResponse","properties":{"create_form":{"$ref":"#/components/schemas/secret_management_accessCreateRequest"},"deleted_referred_objects":{"type":"array","description":"The set of deleted objects that are referred by this object","title":"deleted_referred_objects","items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Deleted Referred Objects"},"disabled_referred_objects":{"type":"array","description":"The set of deleted objects that are referred by this object","title":"disabled_referred_objects","items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Disabled Referred Objects"},"metadata":{"$ref":"#/components/schemas/schemaObjectGetMetaType"},"referring_objects":{"type":"array","description":"The set of objects that are referring to this object in their spec","title":"referring_objects","items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Referring Objects"},"replace_form":{"$ref":"#/components/schemas/secret_management_accessReplaceRequest"},"spec":{"$ref":"#/components/schemas/secret_management_accessGetSpecType"},"status":{"type":"array","description":"The status reported by different services for this configuration object","title":"status","items":{"$ref":"#/components/schemas/secret_management_accessStatusObject"},"x-displayname":"Status"},"system_metadata":{"$ref":"#/components/schemas/schemaSystemObjectGetMetaType"}}},"secret_management_accessGetResponseFormatCode":{"type":"string","description":"x-displayName: \"Get Response Format\"\nThis is the various forms that can be requested to be sent in the GetResponse\n\n - GET_RSP_FORMAT_DEFAULT: x-displayName: \"Default Format\"\nDefault format of returned resource\n - GET_RSP_FORMAT_FOR_CREATE: x-displayName: \"Create request Format\"\nResponse should be in CreateRequest format\n - GET_RSP_FORMAT_FOR_REPLACE: x-displayName: \"Replace request format\"\nResponse should be in ReplaceRequest format\n - GET_RSP_FORMAT_STATUS: x-displayName: \"Status format\"\nResponse should be in StatusObject(s) format\n - GET_RSP_FORMAT_READ: x-displayName: \"GetSpecType format\"\nResponse should be in format of GetSpecType\n - GET_RSP_FORMAT_REFERRING_OBJECTS: x-displayName: \"Referring Objects\"\nResponse should have other objects referring to this object\n - GET_RSP_FORMAT_BROKEN_REFERENCES: x-displayName: \"Broken Referred Objects\"\nResponse should have deleted and disabled objects referrred by this object","title":"GetResponseFormatCode","enum":["GET_RSP_FORMAT_DEFAULT","GET_RSP_FORMAT_FOR_CREATE","GET_RSP_FORMAT_FOR_REPLACE","GET_RSP_FORMAT_STATUS","GET_RSP_FORMAT_READ","GET_RSP_FORMAT_REFERRING_OBJECTS","GET_RSP_FORMAT_BROKEN_REFERENCES"],"default":"GET_RSP_FORMAT_DEFAULT"},"secret_management_accessGetSpecType":{"type":"object","description":"Get secret_management_access reads a given object from storage backend for metadata.namespace.","title":"Get Secret Management Access Object","x-displayname":"Get Secret Management Access","x-ves-displayorder":"2,3,1","x-ves-proto-message":"ves.io.schema.secret_management_access.GetSpecType","properties":{"access_info":{"$ref":"#/components/schemas/schemaHostAccessInfoType"},"provider_name":{"type":"string","description":" Name given to this secret management backend. site.provider needs to be unique, and will be referenced for using this object\n\nExample: ` \"vault_backend\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 256\n ves.io.schema.rules.string.min_len: 1\n","minLength":1,"maxLength":256,"x-displayname":"Provider Name","x-ves-example":"vault_backend","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"256","ves.io.schema.rules.string.min_len":"1"}},"where":{"$ref":"#/components/schemas/schemaNetworkSiteRefSelector"}}},"secret_management_accessListResponse":{"type":"object","description":"This is the output message of 'List' RPC.","title":"ListResponse is the collection of secret_management_access","x-displayname":"List Response","x-ves-proto-message":"ves.io.schema.secret_management_access.ListResponse","properties":{"errors":{"type":"array","description":" Errors(if any) while listing items from collection","title":"errors","items":{"$ref":"#/components/schemas/schemaErrorType"},"x-displayname":"Errors"},"items":{"type":"array","description":" items represents the collection in response","title":"items","items":{"$ref":"#/components/schemas/secret_management_accessListResponseItem"},"x-displayname":"Items"}}},"secret_management_accessListResponseItem":{"type":"object","description":"By default a summary of secret_management_access is returned in 'List'. By setting\n'report_fields' in the ListRequest more details of each item can be got.","title":"ListResponseItem is an individual item in a collection of secret_management_access","x-displayname":"List Item","x-ves-proto-message":"ves.io.schema.secret_management_access.ListResponseItem","properties":{"annotations":{"type":"object","description":" The set of annotations present on this secret_management_access","title":"annotations","x-displayname":"Annotations"},"description":{"type":"string","description":" The description set for this secret_management_access","title":"description","x-displayname":"Description"},"disabled":{"type":"boolean","description":" A value of true indicates secret_management_access is administratively disabled","title":"disabled","format":"boolean","x-displayname":"Disabled"},"get_spec":{"$ref":"#/components/schemas/secret_management_accessGetSpecType"},"labels":{"type":"object","description":" The set of labels present on this secret_management_access","title":"labels","x-displayname":"Labels"},"metadata":{"$ref":"#/components/schemas/schemaObjectGetMetaType"},"name":{"type":"string","description":" The name of this secret_management_access\n\nExample: ` \"name\"`","title":"name","x-displayname":"Name","x-ves-example":"name"},"namespace":{"type":"string","description":" The namespace this item belongs to\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"owner_view":{"$ref":"#/components/schemas/schemaViewRefType"},"status_set":{"type":"array","description":" The status reported by different services for this configuration object","title":"status","items":{"$ref":"#/components/schemas/secret_management_accessStatusObject"},"x-displayname":"Status"},"system_metadata":{"$ref":"#/components/schemas/schemaSystemObjectGetMetaType"},"tenant":{"type":"string","description":" The tenant this item belongs to\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" The unique uid of this secret_management_access\n\nExample: ` \"d27938ba-967e-40a7-9709-57b8627f9f75\"`","title":"uid","x-displayname":"UID","x-ves-example":"d27938ba-967e-40a7-9709-57b8627f9f75"}}},"secret_management_accessReplaceRequest":{"type":"object","description":"This is the input message of the 'Replace' RPC","title":"ReplaceRequest is used to replace contents of a secret_management_access","x-displayname":"Replace Request","x-ves-proto-message":"ves.io.schema.secret_management_access.ReplaceRequest","properties":{"metadata":{"$ref":"#/components/schemas/schemaObjectReplaceMetaType"},"spec":{"$ref":"#/components/schemas/secret_management_accessReplaceSpecType"}}},"secret_management_accessReplaceResponse":{"type":"object","x-ves-proto-message":"ves.io.schema.secret_management_access.ReplaceResponse"},"secret_management_accessReplaceSpecType":{"type":"object","description":"Replace secret_management_access replaces an existing object in storage backend for metadata.namespace.","title":"Replace Secret Management Access Object","x-displayname":"Replace Secret Management Access","x-ves-displayorder":"2,3,1","x-ves-proto-message":"ves.io.schema.secret_management_access.ReplaceSpecType","properties":{"access_info":{"$ref":"#/components/schemas/schemaHostAccessInfoType"},"provider_name":{"type":"string","description":" Name given to this secret management backend. site.provider needs to be unique, and will be referenced for using this object\n\nExample: ` \"vault_backend\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 256\n ves.io.schema.rules.string.min_len: 1\n","minLength":1,"maxLength":256,"x-displayname":"Provider Name","x-ves-example":"vault_backend","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"256","ves.io.schema.rules.string.min_len":"1"}},"where":{"$ref":"#/components/schemas/schemaNetworkSiteRefSelector"}}},"secret_management_accessStatusObject":{"type":"object","description":"Most recently observed status of object","title":"Status for secret managment access","x-displayname":"Status","x-ves-proto-message":"ves.io.schema.secret_management_access.StatusObject","properties":{"conditions":{"type":"array","description":" Conditions","title":"conditions","items":{"$ref":"#/components/schemas/schemaConditionType"},"x-displayname":"Conditions"},"metadata":{"$ref":"#/components/schemas/schemaStatusMetaType"},"object_refs":{"type":"array","description":" Object reference","title":"object_refs","items":{"$ref":"#/components/schemas/schemaObjectRefType"},"x-displayname":"Config Object"}}}}}}

package/dist/docs/specifications/api/docs-cloud-f5-com.0202.public.ves.io.schema.secret_policy.ves-swagger.json ADDED Viewed

@@ -0,0 +1 @@

+ {"openapi":"3.0.0","info":{"title":"F5 Distributed Cloud Services API for ves.io.schema.secret_policy","description":"A Secret Policy defines who gets access to a secret.\nA secret_policy object consists of an unordered list of predicates and a list of secret policy rules.\nThe predicates are evaluated against a set of input fields that are extracted from or derived from client TLS certificate.\nAny predicates that are not specified in a policy are implicitly considered to be true.\nThe rules in the policy are also evaluated against the input fields.\nThey are treated as an ordered or unordered list depending on the value of the rule combining algorithm.\nA policy is considered a match if all predicates in the policy evaluate to true and the one of the rules in the policy is also matched.\n\nIf the configured rule combining algorithm is FIRST_MATCH, the rules in the policy are evaluated sequentially till a matching rule is identified.\nIf the rule combining algorithm is ALLOW_OVERRIDES all rules with an ALLOW action are evaluated prior to rules with a DENY action.\nIf it is DENY_OVERRIDES, all rules with a DENY action are evaluated prior to rules with a ALLOW action.","version":""},"paths":{"/api/secret_management/namespaces/{metadata.namespace}/secret_policys":{"post":{"summary":"Create Secret Policy","description":"Create secret_policy creates a new object in the storage backend for metadata.namespace.","operationId":"ves.io.schema.secret_policy.API.Create","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyCreateResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"metadata.namespace","description":"namespace\n\nx-example: \"staging\"\nThis defines the workspace within which each the configuration object is to be created.\nMust be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyCreateRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-api-create"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.API.Create"},"x-displayname":"Secret Policy","x-ves-proto-service":"ves.io.schema.secret_policy.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"},"/api/secret_management/namespaces/{metadata.namespace}/secret_policys/{metadata.name}":{"put":{"summary":"Replace Secret Policy","description":"Replace secret_policy replaces an existing object in the storage backend for metadata.namespace.","operationId":"ves.io.schema.secret_policy.API.Replace","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyReplaceResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"metadata.namespace","description":"namespace\n\nx-example: \"staging\"\nThis defines the workspace within which each the configuration object is to be created.\nMust be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"metadata.name","description":"name\n\nx-example: \"acmecorp-web\"\nThe configuration object to be replaced will be looked up by name","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyReplaceRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-api-replace"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.API.Replace"},"x-displayname":"Secret Policy","x-ves-proto-service":"ves.io.schema.secret_policy.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"},"/api/secret_management/namespaces/{namespace}/secret_policy/list_policy/{policy_state}":{"get":{"summary":"List secret policy","operationId":"ves.io.schema.secret_policy.CustomAPI.ListPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyListPolicyResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-required\nx-example: \"system\"\nNamespace of the secret policy","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"policy_state","description":"policy_state\n\nx-required\nx-example: \"all\"\nstate of the policy to filter in results","in":"path","required":true,"x-displayname":"policy_state","schema":{"type":"string"}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-customapi-listpolicy"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.CustomAPI.ListPolicy"},"x-displayname":"Secret Policy","x-ves-proto-service":"ves.io.schema.secret_policy.CustomAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/secret_management/namespaces/{namespace}/secret_policy/{name}/recover":{"post":{"summary":"Recover secret policy with given policy name","operationId":"ves.io.schema.secret_policy.CustomAPI.RecoverPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyRecoverResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-required\nx-example: \"system\"\nNamespace of the secret policy","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"name\n\nx-required\nx-example: \"site-secret-policy\"\nName of the secret policy","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyRecoverRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-customapi-recoverpolicy"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.CustomAPI.RecoverPolicy"},"x-displayname":"Secret Policy","x-ves-proto-service":"ves.io.schema.secret_policy.CustomAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/secret_management/namespaces/{namespace}/secret_policy/{name}/softdelete":{"post":{"summary":"Delete secret policy with given policy name","operationId":"ves.io.schema.secret_policy.CustomAPI.DeletePolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policySoftDeleteResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-required\nx-example: \"system\"\nNamespace of the secret policy","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"name\n\nx-required\nx-example: \"site-secret-policy\"\nName of the secret policy","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policySoftDeleteRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-customapi-deletepolicy"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.CustomAPI.DeletePolicy"},"x-displayname":"Secret Policy","x-ves-proto-service":"ves.io.schema.secret_policy.CustomAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/secret_management/namespaces/{namespace}/secret_policys":{"get":{"summary":"List Secret Policy","description":"List the set of secret_policy in a namespace","operationId":"ves.io.schema.secret_policy.API.List","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyListResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"ns1\"\nNamespace to scope the listing of secret_policy","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"label_filter","description":"x-example: \"env in (staging, testing), tier in (web, db)\"\nA LabelSelectorType expression that every item in list response will satisfy","in":"query","required":false,"x-displayname":"Label Filter","schema":{"type":"string"}},{"name":"report_fields","description":"x-example: \"\"\nExtra fields to return along with summary fields","in":"query","required":false,"x-displayname":"Report Fields","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"name":"report_status_fields","description":"x-example: \"\"\nExtra status fields to return along with summary fields","in":"query","required":false,"x-displayname":"Report Status Fields","explode":true,"schema":{"type":"array","items":{"type":"string"}}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-api-list"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.API.List"},"x-displayname":"Secret Policy","x-ves-proto-service":"ves.io.schema.secret_policy.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"},"/api/secret_management/namespaces/{namespace}/secret_policys/{name}":{"get":{"summary":"Get Secret Policy","description":"Get secret_policy reads a given object from storage backend for metadata.namespace.","operationId":"ves.io.schema.secret_policy.API.Get","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyGetResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"ns1\"\nThe namespace in which the configuration object is present","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"name\n\nx-example: \"name\"\nThe name of the configuration object to be fetched","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}},{"name":"response_format","description":"The format in which the configuration object is to be fetched. This could be for example\n - in GetSpec form for the contents of object\n - in CreateRequest form to create a new similar object\n - to ReplaceRequest form to replace changeable values\n\nDefault format of returned resource\nResponse should be in CreateRequest format\nResponse should be in ReplaceRequest format\nResponse should be in StatusObject(s) format\nResponse should be in format of GetSpecType\nResponse should have other objects referring to this object\nResponse should have deleted and disabled objects referrred by this object","in":"query","required":false,"x-displayname":"Broken Referred Objects","schema":{"type":"string","enum":["GET_RSP_FORMAT_DEFAULT","GET_RSP_FORMAT_FOR_CREATE","GET_RSP_FORMAT_FOR_REPLACE","GET_RSP_FORMAT_STATUS","GET_RSP_FORMAT_READ","GET_RSP_FORMAT_REFERRING_OBJECTS","GET_RSP_FORMAT_BROKEN_REFERENCES"],"default":"GET_RSP_FORMAT_DEFAULT"}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-api-get"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.API.Get"},"delete":{"summary":"Delete Secret Policy","description":"Delete the specified secret_policy","operationId":"ves.io.schema.secret_policy.API.Delete","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"ns1\"\nNamespace in which the configuration object is present","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"name\n\nx-example: \"name\"\nName of the configuration object","in":"path","required":true,"x-displayname":"Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/secret_policyDeleteRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-secret_policy-api-delete"},"x-ves-proto-rpc":"ves.io.schema.secret_policy.API.Delete"},"x-displayname":"Secret Policy","x-ves-proto-service":"ves.io.schema.secret_policy.API","x-ves-proto-service-type":"AUTO_CRUD_PUBLIC"}},"x-displayname":"Secret Policy","x-ves-proto-package":"ves.io.schema.secret_policy","components":{"schemas":{"ioschemaObjectRefType":{"type":"object","description":"This type establishes a 'direct reference' from one object(the referrer) to another(the referred).\nSuch a reference is in form of tenant/namespace/name for public API and Uid for private API\nThis type of reference is called direct because the relation is explicit and concrete (as opposed\nto selector reference which builds a group based on labels of selectee objects)","title":"ObjectRefType","x-displayname":"Object reference","x-ves-proto-message":"ves.io.schema.ObjectRefType","properties":{"kind":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then kind will hold the referred object's kind (e.g. \"route\")\n\nExample: ` \"virtual_site\"`","title":"kind","x-displayname":"Kind","x-ves-example":"virtual_site"},"name":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then name will hold the referred object's(e.g. route's) name.\n\nExample: ` \"contactus-route\"`","title":"name","x-displayname":"Name","x-ves-example":"contactus-route"},"namespace":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then namespace will hold the referred object's(e.g. route's) namespace.\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"tenant":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then tenant will hold the referred object's(e.g. route's) tenant.\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then uid will hold the referred object's(e.g. route's) uid.\n\nExample: ` \"d15f1fad-4d37-48c0-8706-df1824d76d31\"`","title":"uid","x-displayname":"UID","x-ves-example":"d15f1fad-4d37-48c0-8706-df1824d76d31"}}},"policyMatcherType":{"type":"object","description":"A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set\nof supported match criteria includes a list of exact values and a list of regular expressions.","title":"MatcherType","x-displayname":"Matcher","x-ves-proto-message":"ves.io.schema.policy.MatcherType","properties":{"exact_values":{"type":"array","description":" A list of exact values to match the input against.\n\nExample: ` \"['new york', 'london', 'sydney', 'tokyo', 'cairo']\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.max_bytes: 256\n ves.io.schema.rules.repeated.items.string.not_empty: true\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"exact values","maxItems":64,"items":{"type":"string","maxLength":256},"x-displayname":"Exact Values","x-ves-example":"['new york', 'london', 'sydney', 'tokyo', 'cairo']","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.max_bytes":"256","ves.io.schema.rules.repeated.items.string.not_empty":"true","ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"regex_values":{"type":"array","description":" A list of regular expressions to match the input against.\n\nExample: ` \"['^new .*$', 'san f.*', '.* del .*']\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.max_bytes: 256\n ves.io.schema.rules.repeated.items.string.not_empty: true\n ves.io.schema.rules.repeated.items.string.regex: true\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"regex values","maxItems":16,"items":{"type":"string","maxLength":256},"x-displayname":"Regex Values","x-ves-example":"['^new .*$', 'san f.*', '.* del .*']","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.max_bytes":"256","ves.io.schema.rules.repeated.items.string.not_empty":"true","ves.io.schema.rules.repeated.items.string.regex":"true","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}},"transformers":{"type":"array","description":" An ordered list of transformers (starting from index 0) to be applied to the path before matching.\n\nExample: ` \"[BASE64_DECODE, LOWER_CASE]`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 9\n ves.io.schema.rules.repeated.unique: true\n","title":"transformers","maxItems":9,"items":{"$ref":"#/components/schemas/policyTransformer"},"x-displayname":"Transformers","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"9","ves.io.schema.rules.repeated.unique":"true"}}}},"policyRuleAction":{"type":"string","description":"The rule action determines the disposition of the input request API. If a policy matches a rule with an ALLOW action, the processing of the request proceeds\nforward. If it matches a rule with a DENY action, the processing of the request is terminated and an appropriate message/code returned to the originator. If\nit matches a rule with a NEXT_POLICY_SET action, evaluation of the current policy set terminates and evaluation of the next policy set in the chain begins.\n\n - DENY: DENY\n\nDeny the request.\n - ALLOW: ALLOW\n\nAllow the request to proceed.\n - NEXT_POLICY_SET: NEXT_POLICY_SET\n\nTerminate evaluation of the current policy set and begin evaluating the next policy set in the chain. Note that the evaluation of any remaining policies\nin the current policy set is skipped.\n - NEXT_POLICY: NEXT_POLICY\n\nTerminate evaluation of the current policy and begin evaluating the next policy in the policy set. Note that the evaluation of any remaining rules in the\ncurrent policy is skipped.\n - LAST_POLICY: LAST_POLICY\n\nTerminate evaluation of the current policy and begin evaluating the last policy in the policy set. Note that the evaluation of any remaining rules in the\ncurrent policy is skipped.\n - GOTO_POLICY: GOTO_POLICY\n\nTerminate evaluation of the current policy and begin evaluating a specific policy in the policy set. The policy is specified using the goto_policy field in\nthe rule and must be after the current policy in the policy set.","title":"Rule Action","enum":["DENY","ALLOW","NEXT_POLICY"],"default":"DENY","x-displayname":"Rule Action","x-ves-proto-enum":"ves.io.schema.policy.RuleAction"},"policyRuleCombiningAlgorithm":{"type":"string","description":"x-displayName: \"Rule Combining Algorithm\"\nThe rule combining algorithm for a policy determines how the list of rules in the policy is evaluated.\nIf any of the rules is configured with a App Firewall action, the rule combining algorithm must be configured to be FIRST_MATCH.\n\n- FIRST_MATCH Rules are evaluated sequentially till a matching rule is identified\n- ALLOW_OVERRIDES Rules with an ALLOW action are evaluated prior to rules with a DENY action\n- DENY_OVERRIDES Rules with a DENY action are evaluated prior to rules with an ALLOW action\n\n - FIRST_MATCH: First Match\n\nx-displayName: \"First Rule Match\"\nRules are evaluated sequentially till a matching rule is identified\n - DENY_OVERRIDES: Deny Overrides\n\nx-displayName: \"Deny Rule Overrides\"\nRules with a DENY action are evaluated prior to rules with an ALLOW action\n - ALLOW_OVERRIDES: Allow Overrides\n\nx-displayName: \"Allow Rule Overrides\"\nRules with an ALLOW action are evaluated prior to rules with a DENY action","title":"RuleCombiningAlgorithm","enum":["FIRST_MATCH","DENY_OVERRIDES","ALLOW_OVERRIDES"],"default":"FIRST_MATCH"},"policyTransformer":{"type":"string","description":"Transformers to be applied on the part of the request before matching.\n\n - TRANSFORMER_NONE: transformer none\n\nNo transformers enabled\n - LOWER_CASE: lower case\n\nConvert string to lower case\n - UPPER_CASE: upper case\n\nConvert string to upper case\n - BASE64_DECODE: base64 decode\n\nDecode string assuming base64 encoding\n - NORMALIZE_PATH: normalize path\n\nNormalize URL path so that /a/b/../c will be transformed to /a/c\n - REMOVE_WHITESPACE: remove whitespace\n\nRemove whitespaces\n - URL_DECODE: URL decode\n\nDecode string assuming URL encoding as per rfc1738\n - TRIM_LEFT: trim left\n\nRemove whitespace from the left side of the input string\n - TRIM_RIGHT: trim right\n\nRemove whitespace from the right side of the input string\n - TRIM: trim\n\nRemove whitespace from the both sides of the input string","title":"Transformer","enum":["LOWER_CASE","UPPER_CASE","BASE64_DECODE","NORMALIZE_PATH","REMOVE_WHITESPACE","URL_DECODE","TRIM_LEFT","TRIM_RIGHT","TRIM"],"default":"TRANSFORMER_NONE","x-displayname":"Transformer","x-ves-proto-enum":"ves.io.schema.policy.Transformer"},"protobufAny":{"type":"object","description":"`Any` contains an arbitrary serialized protocol buffer message along with a\nURL that describes the type of the serialized message.\n\nProtobuf library provides support to pack/unpack Any values in the form\nof utility functions or additional generated methods of the Any type.\n\nExample 1: Pack and unpack a message in C++.\n\n Foo foo = ...;\n Any any;\n any.PackFrom(foo);\n ...\n if (any.UnpackTo(&foo)) {\n ...\n }\n\nExample 2: Pack and unpack a message in Java.\n\n Foo foo = ...;\n Any any = Any.pack(foo);\n ...\n if (any.is(Foo.class)) {\n foo = any.unpack(Foo.class);\n }\n\n Example 3: Pack and unpack a message in Python.\n\n foo = Foo(...)\n any = Any()\n any.Pack(foo)\n ...\n if any.Is(Foo.DESCRIPTOR):\n any.Unpack(foo)\n ...\n\n Example 4: Pack and unpack a message in Go\n\n foo := &pb.Foo{...}\n any, err := ptypes.MarshalAny(foo)\n ...\n foo := &pb.Foo{}\n if err := ptypes.UnmarshalAny(any, foo); err != nil {\n ...\n }\n\nThe pack methods provided by protobuf library will by default use\n'type.googleapis.com/full.type.name' as the type URL and the unpack\nmethods only use the fully qualified type name after the last '/'\nin the type URL, for example \"foo.bar.com/x/y.z\" will yield type\nname \"y.z\".\n\n\nJSON\n====\nThe JSON representation of an `Any` value uses the regular\nrepresentation of the deserialized, embedded message, with an\nadditional field `@type` which contains the type URL. Example:\n\n package google.profile;\n message Person {\n string first_name = 1;\n string last_name = 2;\n }\n\n {\n \"@type\": \"type.googleapis.com/google.profile.Person\",\n \"firstName\": <string>,\n \"lastName\": <string>\n }\n\nIf the embedded message type is well-known and has a custom JSON\nrepresentation, that representation will be embedded adding a field\n`value` which holds the custom JSON in addition to the `@type`\nfield. Example (for message [google.protobuf.Duration][]):\n\n {\n \"@type\": \"type.googleapis.com/google.protobuf.Duration\",\n \"value\": \"1.212s\"\n }","properties":{"type_url":{"type":"string","description":"A URL/resource name that uniquely identifies the type of the serialized\nprotocol buffer message. This string must contain at least\none \"/\" character. The last segment of the URL's path must represent\nthe fully qualified name of the type (as in\n`path/google.protobuf.Duration`). The name should be in a canonical form\n(e.g., leading \".\" is not accepted).\n\nIn practice, teams usually precompile into the binary all types that they\nexpect it to use in the context of Any. However, for URLs which use the\nscheme `http`, `https`, or no scheme, one can optionally set up a type\nserver that maps type URLs to message definitions as follows:\n\n* If no scheme is provided, `https` is assumed.\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\n value in binary format, or produce an error.\n* Applications are allowed to cache lookup results based on the\n URL, or have them precompiled into a binary to avoid any\n lookup. Therefore, binary compatibility needs to be preserved\n on changes to types. (Use versioned type names to manage\n breaking changes.)\n\nNote: this functionality is not currently available in the official\nprotobuf release, and it is not used for type URLs beginning with\ntype.googleapis.com.\n\nSchemes other than `http`, `https` (or the empty scheme) might be\nused with implementation specific semantics."},"value":{"type":"string","description":"Must be a valid serialized protocol buffer of the above specified type.","format":"byte"}}},"schemaConditionType":{"type":"object","description":"Conditions are used in the object status to describe the current state of the\nobject, e.g. Ready, Succeeded, etc.","title":"ConditionType","x-displayname":"Status Condition","x-ves-proto-message":"ves.io.schema.ConditionType","properties":{"hostname":{"type":"string","description":" Hostname of the instance of the site that sent the status","title":"hostname","x-displayname":"Hostname"},"last_update_time":{"type":"string","description":" Last time the condition was updated","title":"last_update_time","format":"date-time","x-displayname":"Last Updated"},"reason":{"type":"string","description":" x-reason: \"Insufficient memory in data plane\"\n A human readable string explaining the reason for reaching this condition\n\nExample: ` \"value\"`","title":"reason","x-displayname":"Reason","x-ves-example":"value"},"service_name":{"type":"string","description":" Name of the service that sent the status","title":"service name","x-displayname":"Service Name"},"status":{"type":"string","description":" Status of the condition\n \"Success\" Validtion has succeded. Requested operation was successful.\n \"Failed\" Validation has failed.\n \"Incomplete\" Validation of configuration has failed due to missing configuration.\n \"Installed\" Validation has passed and configuration has been installed in data path or K8s\n \"Down\" Configuration is operationally down. e.g. down interface\n \"Disabled\" Configuration is administratively disabled i.e. ObjectMetaType.Disable = true.\n \"NotApplicable\" Configuration is not applicable e.g. tenant service_policy_set(s) in system namespace are not applicable on REs\n\nExample: ` \"Failed\"`\n\nValidation Rules:\n ves.io.schema.rules.string.in: [\\\"Success\\\",\\\"Failed\\\",\\\"Incomplete\\\",\\\"Installed\\\",\\\"Down\\\",\\\"Disabled\\\",\\\"NotApplicable\\\"]\n","title":"status","x-displayname":"Status","x-ves-example":"Failed","x-ves-validation-rules":{"ves.io.schema.rules.string.in":"[\\\"Success\\\",\\\"Failed\\\",\\\"Incomplete\\\",\\\"Installed\\\",\\\"Down\\\",\\\"Disabled\\\",\\\"NotApplicable\\\"]"}},"type":{"type":"string","description":" Type of the condition\n \"Validation\" represents validation user given configuration object\n \"Operational\" represents operational status of a given configuration object\n\nExample: ` \"Operational\"`\n\nValidation Rules:\n ves.io.schema.rules.string.in: [\\\"Validation\\\",\\\"Operational\\\"]\n","title":"type","x-displayname":"Type","x-ves-example":"Operational","x-ves-validation-rules":{"ves.io.schema.rules.string.in":"[\\\"Validation\\\",\\\"Operational\\\"]"}}}},"schemaErrorCode":{"type":"string","description":"Union of all possible error-codes from system\n\n - EOK: No error\n - EPERMS: Permissions error\n - EBADINPUT: Input is not correct\n - ENOTFOUND: Not found\n - EEXISTS: Already exists\n - EUNKNOWN: Unknown/catchall error\n - ESERIALIZE: Error in serializing/de-serializing\n - EINTERNAL: Server error\n - EPARTIAL: Partial error","title":"ErrorCode","enum":["EOK","EPERMS","EBADINPUT","ENOTFOUND","EEXISTS","EUNKNOWN","ESERIALIZE","EINTERNAL","EPARTIAL"],"default":"EOK","x-displayname":"Error Code","x-ves-proto-enum":"ves.io.schema.ErrorCode"},"schemaErrorType":{"type":"object","description":"Information about a error in API operation","title":"ErrorType","x-displayname":"Error Type","x-ves-proto-message":"ves.io.schema.ErrorType","properties":{"code":{"$ref":"#/components/schemas/schemaErrorCode"},"error_obj":{"$ref":"#/components/schemas/protobufAny"},"message":{"type":"string","description":" A human readable string of the error\n\nExample: ` \"value\"`","title":"message","x-displayname":"Message","x-ves-example":"value"}}},"schemaInitializerType":{"type":"object","description":"Initializer is information about an initializer that has not yet completed.","title":"InitializerType","x-displayname":"Initializer","x-ves-proto-message":"ves.io.schema.InitializerType","properties":{"name":{"type":"string","description":" name of the service that is responsible for initializing this object.","title":"name","x-displayname":"Name"}}},"schemaInitializersType":{"type":"object","description":"Initializers tracks the progress of initialization of a configuration object","title":"InitializersType","x-displayname":"Initializers","x-ves-proto-message":"ves.io.schema.InitializersType","properties":{"pending":{"type":"array","description":" Pending is a list of initializers that must execute in order before this object is initialized.\n When the last pending initializer is removed, and no failing result is set, the initializers\n struct will be set to nil and the object is considered as initialized and visible to all\n clients.","title":"pending","items":{"$ref":"#/components/schemas/schemaInitializerType"},"x-displayname":"Pending"},"result":{"$ref":"#/components/schemas/schemaStatusType"}}},"schemaLabelMatcherType":{"type":"object","description":"x-displayName: \"Label Matcher\"\nA label matcher specifies a list of label keys whose values need to match for\nsource/client and destination/server. Note that the actual label values are not\nspecified and do not matter. This allows an ability to scope grouping by the\nlabel key name.","title":"LabelMatcherType","properties":{"keys":{"type":"array","description":"x-displayName: \"Keys\"\nx-example: \"['environment', 'location', 'deployment']\"\nThe list of label key names that have to match","title":"keys","items":{"type":"string"}}}},"schemaLabelSelectorType":{"type":"object","description":"This type can be used to establish a 'selector reference' from one object(called selector) to\na set of other objects(called selectees) based on the value of expresssions.\nA label selector is a label query over a set of resources. An empty label selector matches all objects.\nA null label selector matches no objects. Label selector is immutable.\nexpressions is a list of strings of label selection expression.\nEach string has \",\" separated values which are \"AND\" and all strings are logically \"OR\".\nBNF for expression string\n<selector-syntax> ::= <requirement> | <requirement> \",\" <selector-syntax>\n<requirement> ::= [!] KEY [ <set-based-restriction> | <exact-match-restriction> ]\n<set-based-restriction> ::= \"\" | <inclusion-exclusion> <value-set>\n<inclusion-exclusion> ::= <inclusion> | <exclusion>\n<exclusion> ::= \"notin\"\n<inclusion> ::= \"in\"\n<value-set> ::= \"(\" <values> \")\"\n<values> ::= VALUE | VALUE \",\" <values>\n<exact-match-restriction> ::= [\"=\"|\"==\"|\"!=\"] VALUE","title":"LabelSelectorType","x-displayname":"Label Selector","x-ves-proto-message":"ves.io.schema.LabelSelectorType","properties":{"expressions":{"type":"array","description":" expressions contains the kubernetes style label expression for selections.\n\nExample: ` \"region in (us-west1, us-west2),tier in (staging)\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.items.string.k8s_label_selector: true\n ves.io.schema.rules.repeated.items.string.max_len: 4096\n ves.io.schema.rules.repeated.items.string.min_len: 1\n ves.io.schema.rules.repeated.max_items: 1\n","title":"expressions","maxItems":1,"items":{"type":"string","minLength":1,"maxLength":4096},"x-displayname":"Selector Expression","x-ves-example":"region in (us-west1, us-west2),tier in (staging)","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.items.string.k8s_label_selector":"true","ves.io.schema.rules.repeated.items.string.max_len":"4096","ves.io.schema.rules.repeated.items.string.min_len":"1","ves.io.schema.rules.repeated.max_items":"1"}}}},"schemaMessageMetaType":{"type":"object","description":"MessageMetaType is metadata (common attributes) of a message that only certain messages\nhave. This information is propagated to the metadata of a child object that gets created\nfrom the containing message during view processing.\nThe information in this type can be specified by user during create and replace APIs.","title":"MessageMetaType","x-displayname":"Message Metadata","x-ves-proto-message":"ves.io.schema.MessageMetaType","properties":{"description":{"type":"string","description":" Human readable description.\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"description","maxLength":256,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}},"name":{"type":"string","description":" This is the name of the message.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.min_len: 1\n ves.io.schema.rules.string.ves_object_name: true\n","title":"name","minLength":1,"x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.min_len":"1","ves.io.schema.rules.string.ves_object_name":"true"}}}},"schemaObjectCreateMetaType":{"type":"object","description":"ObjectCreateMetaType is metadata that can be specified in Create request of an object.","title":"ObjectCreateMetaType","x-displayname":"Create Metadata","x-ves-proto-message":"ves.io.schema.ObjectCreateMetaType","properties":{"annotations":{"type":"object","description":" Annotations is an unstructured key value map stored with a resource that may be\n set by external tools to store and retrieve arbitrary metadata. They are not\n queryable and should be preserved when modifying objects.\n\nExample: ` \"value\"`\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 64\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.values.string.max_len: 1024\n ves.io.schema.rules.map.values.string.min_len: 1\n","title":"annotations","x-displayname":"Annotation","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"64","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.values.string.max_len":"1024","ves.io.schema.rules.map.values.string.min_len":"1"}},"description":{"type":"string","description":" Human readable description for the object\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 1200\n","title":"description","maxLength":1200,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"1200"}},"disable":{"type":"boolean","description":" A value of true will administratively disable the object\n\nExample: ` \"true\"`","title":"disable","format":"boolean","x-displayname":"Disable"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the user. Values specified here will be used\n by selector expression\n\nExample: ` \"value\"`","title":"labels","x-displayname":"Labels"},"name":{"type":"string","description":" This is the name of configuration object. It has to be unique within the namespace.\n It can only be specified during create API and cannot be changed during replace API.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" This defines the workspace within which each the configuration object is to be created.\n Must be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"\n\nExample: ` \"staging\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"staging"}}},"schemaObjectGetMetaType":{"type":"object","description":"ObjectGetMetaType is metadata that can be specified in Get/Create response of an object.","title":"ObjectGetMetaType","x-displayname":"Get Metadata","x-ves-proto-message":"ves.io.schema.ObjectGetMetaType","properties":{"annotations":{"type":"object","description":" Annotations is an unstructured key value map stored with a resource that may be\n set by external tools to store and retrieve arbitrary metadata. They are not\n queryable and should be preserved when modifying objects.\n\nExample: ` \"value\"`\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 64\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.values.string.max_len: 1024\n ves.io.schema.rules.map.values.string.min_len: 1\n","title":"annotations","x-displayname":"Annotation","x-ves-example":"value","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"64","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.values.string.max_len":"1024","ves.io.schema.rules.map.values.string.min_len":"1"}},"description":{"type":"string","description":" Human readable description for the object\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 1200\n","title":"description","maxLength":1200,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"1200"}},"disable":{"type":"boolean","description":" A value of true will administratively disable the object\n\nExample: ` \"true\"`","title":"disable","format":"boolean","x-displayname":"Disable","x-ves-example":"true"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the user. Values specified here will be used\n by selector expression\n\nExample: ` \"value\"`","title":"labels","x-displayname":"Labels","x-ves-example":"value"},"name":{"type":"string","description":" This is the name of configuration object. It has to be unique within the namespace.\n It can only be specified during create API and cannot be changed during replace API.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" This defines the workspace within which each the configuration object is to be created.\n Must be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"\n\nExample: ` \"staging\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"staging"}}},"schemaObjectReplaceMetaType":{"type":"object","description":"ObjectReplaceMetaType is metadata that can be specified in Replace request of an object.","title":"ObjectReplaceMetaType","x-displayname":"Replace Metadata","x-ves-proto-message":"ves.io.schema.ObjectReplaceMetaType","properties":{"annotations":{"type":"object","description":" Annotations is an unstructured key value map stored with a resource that may be\n set by external tools to store and retrieve arbitrary metadata. They are not\n queryable and should be preserved when modifying objects.\n\nExample: ` \"value\"`\n\nValidation Rules:\n ves.io.schema.rules.map.keys.string.max_len: 64\n ves.io.schema.rules.map.keys.string.min_len: 1\n ves.io.schema.rules.map.values.string.max_len: 1024\n ves.io.schema.rules.map.values.string.min_len: 1\n","title":"annotations","x-displayname":"Annotations","x-ves-example":"value","x-ves-validation-rules":{"ves.io.schema.rules.map.keys.string.max_len":"64","ves.io.schema.rules.map.keys.string.min_len":"1","ves.io.schema.rules.map.values.string.max_len":"1024","ves.io.schema.rules.map.values.string.min_len":"1"}},"description":{"type":"string","description":" Human readable description for the object\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 1200\n","title":"description","maxLength":1200,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"1200"}},"disable":{"type":"boolean","description":" A value of true will administratively disable the object\n\nExample: ` \"true\"`","title":"disable","format":"boolean","x-displayname":"Disable"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the user. Values specified here will be used\n by selector expression\n\nExample: ` \"value\"`","title":"labels","x-displayname":"Labels","x-ves-example":"value"},"name":{"type":"string","description":" This is the name of configuration object. It has to be unique within the namespace.\n It can only be specified during create API and cannot be changed during replace API.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" This defines the workspace within which each the configuration object is to be created.\n Must be a DNS_LABEL format. For a namespace object itself, namespace value will be \"\"\n\nExample: ` \"staging\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"staging"}}},"schemaStatusMetaType":{"type":"object","description":"StatusMetaType is metadata that all status must have.","title":"StatusMetaType","x-displayname":"Metadata","x-ves-proto-message":"ves.io.schema.StatusMetaType","properties":{"creation_timestamp":{"type":"string","description":" creation_timestamp is when the status object was created. It is used to find/tie-break\n for latest status object from same origin","title":"creation_timestamp","format":"date-time","x-displayname":"Creation Timestamp"},"creator_class":{"type":"string","description":" Class of creator which created this StatusObject. This will be service's DNS FQDN.\n This will be set by the system based on client certificate information.\n\nExample: ` \"ver.re1.int.ves.io\"`","title":"creator_class","x-displayname":"Creator Class","x-ves-example":"ver.re1.int.ves.io"},"creator_id":{"type":"string","description":" ID of creator which created this StatusObject. This will be a concrete identifier for service (e.g.\n identifying the environment also). This will be set by the system based on client certificate\n information\n\nExample: ` \"ver-instance-1\"`","title":"creator_id","x-displayname":"Creator ID","x-ves-example":"ver-instance-1"},"publish":{"$ref":"#/components/schemas/schemaStatusPublishType"},"status_id":{"type":"string","description":" status_id is a field used by the generator to distinguish (if necessary) between two status\n objects for the same config object from the same site and same service and potentially same\n daemon(creator-id)","title":"status_id","x-displayname":"Status ID"},"uid":{"type":"string","description":" uid is the unique in time and space value for a StatusObject.\n\nExample: ` \"d15f1fad-4d37-48c0-8706-df1824d76d31\"`","title":"uid","x-displayname":"UID","x-ves-example":"d15f1fad-4d37-48c0-8706-df1824d76d31"},"vtrp_id":{"type":"string","description":" Origin of this status exchanged by VTRP.","title":"vtrp_id","x-displayname":"VTRP ID"},"vtrp_stale":{"type":"boolean","description":" Indicate whether mars deems this object to be stale via graceful restart timer information","title":"vtrp_stale","format":"boolean","x-displayname":"VTRP Stale"}}},"schemaStatusPublishType":{"type":"string","description":"StatusPublishType is all possible publish operations on a StatusObject\n\n - STATUS_DO_NOT_PUBLISH: Do Not Publish\n\nDo not propagate this status to user. This could be because status is only informational\n - STATUS_PUBLISH: Publish\n\nPropagate this status up to user as it might be actionable","title":"StatusPublishType","enum":["STATUS_DO_NOT_PUBLISH","STATUS_PUBLISH"],"default":"STATUS_DO_NOT_PUBLISH","x-displayname":"Status Publish Type","x-ves-proto-enum":"ves.io.schema.StatusPublishType"},"schemaStatusType":{"type":"object","description":"Status is a return value for calls that don't return other objects.","title":"StatusType","x-displayname":"Status","x-ves-proto-message":"ves.io.schema.StatusType","properties":{"code":{"type":"integer","description":" Suggested HTTP return code for this status, 0 if not set.\n\nExample: ` \"0\"`","title":"code","format":"int32","x-displayname":"Code","x-ves-example":"0"},"reason":{"type":"string","description":" A human-readable description of why this operation is in the\n \"Failure\" status. If this value is empty there\n is no information available.\n\nExample: ` \"value\"`","title":"reason","x-displayname":"Reason","x-ves-example":"value"},"status":{"type":"string","description":" Status of the operation.\n One of: \"Success\" or \"Failure\".\n\nExample: ` \"value\"`","title":"status","x-displayname":"Status","x-ves-example":"value"}}},"schemaSystemObjectGetMetaType":{"type":"object","description":"SystemObjectGetMetaType is metadata generated or populated by the system for all persisted objects and\ncannot be updated directly by users.","title":"SystemObjectGetMetaType","x-displayname":"System Metadata","x-ves-proto-message":"ves.io.schema.SystemObjectGetMetaType","properties":{"creation_timestamp":{"type":"string","description":" CreationTimestamp is a timestamp representing the server time when this object was\n created. It is not guaranteed to be set in happens-before order across separate operations.\n Clients may not set this value. It is represented in RFC3339 form and is in UTC.","title":"creation_timestamp","format":"date-time","x-displayname":"Creation Timestamp"},"creator_class":{"type":"string","description":" A value identifying the class of the user or service which created this configuration object.\n\nExample: ` \"value\"`","title":"creator_class","x-displayname":"Creator Class","x-ves-example":"prism"},"creator_id":{"type":"string","description":" A value identifying the exact user or service that created this configuration object\n\nExample: ` \"value\"`","title":"creator_id","x-displayname":"Creator ID","x-ves-example":"admin@acmecorp.com"},"deletion_timestamp":{"type":"string","description":" DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This\n field is set by the server when a graceful deletion is requested by the user, and is not\n directly settable by a client. The resource is expected to be deleted (no longer visible\n from resource lists, and not reachable by name) after the time in this field, once the\n finalizers list is empty. As long as the finalizers list contains items, deletion is blocked.\n Once the deletionTimestamp is set, this value may not be unset or be set further into the\n future, although it may be shortened or the resource may be deleted prior to this time.\n For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react\n by sending a graceful termination signal to the containers in the pod. After that 30 seconds,\n the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup,\n remove the pod from the API. In the presence of network partitions, this object may still\n exist after this timestamp, until an administrator or automated process can determine the\n resource is fully terminated.\n If not set, graceful deletion of the object has not been requested.\n\n Populated by the system when a graceful deletion is requested.\n Read-only.","title":"deletion_timestamp","format":"date-time","x-displayname":"Deletion Timestamp"},"finalizers":{"type":"array","description":" Must be empty before the object is deleted from the registry. Each entry\n is an identifier for the responsible component that will remove the entry\n from the list. If the deletionTimestamp of the object is non-nil, entries\n in this list can only be removed.\n\nExample: ` \"value\"`","title":"finalizers","items":{"type":"string"},"x-displayname":"Finalizers","x-ves-example":"value"},"initializers":{"$ref":"#/components/schemas/schemaInitializersType"},"labels":{"type":"object","description":" Map of string keys and values that can be used to organize and categorize\n (scope and select) objects as chosen by the operator or software. Values here can be interpreted\n by software(backend or frontend) to enable certain behavior e.g. things marked as soft-deleted(restorable).\n\nExample: ` \"'ves.io/soft-deleted''true'\"`","title":"labels","x-displayname":"Labels","x-ves-example":"'ves.io/soft-deleted': 'true'"},"modification_timestamp":{"type":"string","description":" ModificationTimestamp is a timestamp representing the server time when this object was\n last modified.","title":"modification_timestamp","format":"date-time","x-displayname":"Modification Timestamp"},"object_index":{"type":"integer","description":" Unique index for the object. Some objects need a unique integer index to be allocated\n for each object type. This field will be populated for all objects that need it and will\n be zero otherwise.\n\nExample: ` \"0\"`","title":"object_index","format":"int64","x-displayname":"Object Index","x-ves-example":"0"},"owner_view":{"$ref":"#/components/schemas/schemaViewRefType"},"tenant":{"type":"string","description":" Tenant to which this configuration object belongs to. The value for this is found from\n presented credentials.\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" uid is the unique in time and space value for this object. It is generated by\n the server on successful creation of an object and is not allowed to change on Replace\n API. The value of is taken from uid field of ObjectMetaType, if provided.\n\nExample: ` \"d15f1fad-4d37-48c0-8706-df1824d76d31\"`","title":"uid","x-displayname":"UID","x-ves-example":"d15f1fad-4d37-48c0-8706-df1824d76d31"}}},"schemaViewRefType":{"type":"object","description":"ViewRefType represents a reference to a view","title":"ViewRefType","x-displayname":"View Reference","x-ves-proto-message":"ves.io.schema.ViewRefType","properties":{"kind":{"type":"string","description":" Kind of the view object\n\nExample: ` \"http_proxy\"`","title":"kind","x-displayname":"Kind","x-ves-example":"http_proxy"},"name":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then name will hold the referred object's(e.g. route's) name.\n\nExample: ` \"contactus-route\"`","title":"name","x-displayname":"Name","x-ves-example":"contactus-route"},"namespace":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then namespace will hold the referred object's(e.g. route's) namespace.\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"uid":{"type":"string","description":" UID of the view object\n\nExample: ` \"f3744323-1adf-4aaa-a5dc-0707c1d1bd82\"`","title":"uid","x-displayname":"UID","x-ves-example":"f3744323-1adf-4aaa-a5dc-0707c1d1bd82"}}},"schemasecret_policyCreateSpecType":{"type":"object","description":"Create secret_policy creates a new object in the storage backend for metadata.namespace.","title":"Create Secret Policy","x-displayname":"Create Secret Policy","x-ves-oneof-field-rule_choice":"[\"rule_list\"]","x-ves-proto-message":"ves.io.schema.secret_policy.CreateSpecType","properties":{"allow_f5xc":{"type":"boolean","description":" if allow_f5xc is set to true, it allows relevant F5XC infrastructure services to decrypt the secret encrypted using this policy.\n\nExample: ` \"true\"`","format":"boolean","x-displayname":"Allow F5XC","x-ves-example":"true"},"decrypt_cache_timeout":{"type":"string","description":" decrypt_cache_timeout contains the amount of time a decrypted secret is cached in wingman.\n Value for this parameter is a string ending in the suffix \"s\" (indicating seconds), suffix \"m\" (indicating minutes) or suffix \"h\" (indicating hours)\n\nExample: ` \"6h\"`","x-displayname":"Decrypt Cache Timeout","x-ves-example":"6h"},"rule_list":{"$ref":"#/components/schemas/secret_policyRuleList"}}},"schemasecret_policyGetSpecType":{"type":"object","description":"Get secret_policy reads a given object from storage backend for metadata.namespace.","title":"Get Secret Policy","x-displayname":"Get Secret Policy","x-ves-oneof-field-rule_choice":"[\"legacy_rule_list\",\"rule_list\"]","x-ves-proto-message":"ves.io.schema.secret_policy.GetSpecType","properties":{"allow_f5xc":{"type":"boolean","description":" if allow_f5xc is set to true, it allows relevant F5XC infrastructure services to decrypt the secret encrypted using this policy.\n\nExample: ` \"true\"`","format":"boolean","x-displayname":"Allow F5XC","x-ves-example":"true"},"decrypt_cache_timeout":{"type":"string","description":" decrypt_cache_timeout contains the amount of time a decrypted secret is cached in wingman.\n Value for this parameter is a string ending in the suffix \"s\" (indicating seconds), suffix \"m\" (indicating minutes) or suffix \"h\" (indicating hours)\n\nExample: ` \"6h\"`","x-displayname":"Decrypt Cache Timeout","x-ves-example":"6h"},"deletion_time":{"type":"string","description":"deletion_time is set when the secret policy object is marked for delete,\nsecret policy marked for delete will be automatically deleted after deletion_time","title":"Deletion Time","format":"date-time","x-displayname":"Deletion Time"},"legacy_rule_list":{"$ref":"#/components/schemas/secret_policyLegacyRuleList"},"marked_for_delete":{"type":"boolean","description":"marked_for_delete is set when the secret policy object is marked for delete, based on this value\nsecret policy marked for delete will be automatically deleted after deletion_time","title":"Marked For Delete","format":"boolean","x-displayname":"Marked For Delete"},"rule_list":{"$ref":"#/components/schemas/secret_policyRuleList"}}},"schemasecret_policyReplaceSpecType":{"type":"object","description":"Replace secret_policy replaces an existing object in the storage backend for metadata.namespace.","title":"Replace Secret Policy","x-displayname":"Replace Secret Policy","x-ves-oneof-field-rule_choice":"[\"legacy_rule_list\",\"rule_list\"]","x-ves-proto-message":"ves.io.schema.secret_policy.ReplaceSpecType","properties":{"allow_f5xc":{"type":"boolean","description":" if allow_f5xc is set to true, it allows relevant F5XC infrastructure services to decrypt the secret encrypted using this policy.\n\nExample: ` \"true\"`","format":"boolean","x-displayname":"Allow F5XC","x-ves-example":"true"},"decrypt_cache_timeout":{"type":"string","description":" decrypt_cache_timeout contains the amount of time a decrypted secret is cached in wingman.\n Value for this parameter is a string ending in the suffix \"s\" (indicating seconds), suffix \"m\" (indicating minutes) or suffix \"h\" (indicating hours)\n\nExample: ` \"6h\"`","x-displayname":"Decrypt Cache Timeout","x-ves-example":"6h"},"legacy_rule_list":{"$ref":"#/components/schemas/secret_policyLegacyRuleList"},"rule_list":{"$ref":"#/components/schemas/secret_policyRuleList"}}},"schemasecret_policy_ruleGlobalSpecType":{"type":"object","description":"A secret_policy_rule object consists of an unordered list of predicates and an action.\nThe predicates are evaluated against a set of input fields that are extracted from client certificate.\nA rule is considered to match if all predicates in the rule evaluate to true for that request.\nAny predicates that are not specified in a rule are implicitly considered to be true.\nIf a rule is matched, the action specified for the rule is enforced for that request.\n\nA secret_policy_rule can be part of exactly one secret_policy and must belong to the same namespace as the secret policy.","title":"Secret Policy Rule Specifications","x-displayname":"Global Specifications","x-ves-oneof-field-client_choice":"[\"client_name\",\"client_name_matcher\",\"client_selector\"]","x-ves-proto-message":"ves.io.schema.secret_policy_rule.GlobalSpecType","properties":{"action":{"$ref":"#/components/schemas/policyRuleAction"},"client_name":{"type":"string","description":"Exclusive with [client_name_matcher client_selector]\n The name of the client trying to access the secret. Name of the client will be extracted from client TLS certificate.\n This predicate evaluates to true if client name matches the configured name\n\nExample: ` \"ver.re01.int.ves.io\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 256\n","title":"client name","maxLength":256,"x-displayname":"Client Name","x-ves-example":"ver.re01.int.ves.io","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"256"}},"client_name_matcher":{"$ref":"#/components/schemas/policyMatcherType"},"client_selector":{"$ref":"#/components/schemas/schemaLabelSelectorType"}}},"secret_policyCreateRequest":{"type":"object","description":"This is the input message of the 'Create' RPC","title":"CreateRequest is used to create an instance of secret_policy","x-displayname":"Create Request","x-ves-proto-message":"ves.io.schema.secret_policy.CreateRequest","properties":{"metadata":{"$ref":"#/components/schemas/schemaObjectCreateMetaType"},"spec":{"$ref":"#/components/schemas/schemasecret_policyCreateSpecType"}}},"secret_policyCreateResponse":{"type":"object","x-ves-proto-message":"ves.io.schema.secret_policy.CreateResponse","properties":{"metadata":{"$ref":"#/components/schemas/schemaObjectGetMetaType"},"spec":{"$ref":"#/components/schemas/schemasecret_policyGetSpecType"},"system_metadata":{"$ref":"#/components/schemas/schemaSystemObjectGetMetaType"}}},"secret_policyDeleteRequest":{"type":"object","description":"This is the input message of the 'Delete' RPC.","title":"DeleteRequest is used to delete a secret_policy","x-displayname":"Delete Request","x-ves-proto-message":"ves.io.schema.secret_policy.DeleteRequest","properties":{"fail_if_referred":{"type":"boolean","description":" Fail the delete operation if this object is being referred by other objects","title":"fail_if_referred","format":"boolean","x-displayname":"Fail-If-Referred"},"name":{"type":"string","description":" Name of the configuration object\n\nExample: ` \"name\"`","title":"name","x-displayname":"Name","x-ves-example":"name"},"namespace":{"type":"string","description":" Namespace in which the configuration object is present\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"}}},"secret_policyGetResponse":{"type":"object","description":"This is the output message of the 'Get' RPC","title":"GetResponse is the shape of a read secret_policy","x-displayname":"Get Response","x-ves-proto-message":"ves.io.schema.secret_policy.GetResponse","properties":{"create_form":{"$ref":"#/components/schemas/secret_policyCreateRequest"},"deleted_referred_objects":{"type":"array","description":"The set of deleted objects that are referred by this object","title":"deleted_referred_objects","items":{"$ref":"#/components/schemas/ioschemaObjectRefType"},"x-displayname":"Deleted Referred Objects"},"disabled_referred_objects":{"type":"array","description":"The set of deleted objects that are referred by this object","title":"disabled_referred_objects","items":{"$ref":"#/components/schemas/ioschemaObjectRefType"},"x-displayname":"Disabled Referred Objects"},"metadata":{"$ref":"#/components/schemas/schemaObjectGetMetaType"},"referring_objects":{"type":"array","description":"The set of objects that are referring to this object in their spec","title":"referring_objects","items":{"$ref":"#/components/schemas/ioschemaObjectRefType"},"x-displayname":"Referring Objects"},"replace_form":{"$ref":"#/components/schemas/secret_policyReplaceRequest"},"spec":{"$ref":"#/components/schemas/schemasecret_policyGetSpecType"},"status":{"type":"array","description":"The status reported by different services for this configuration object","title":"status","items":{"$ref":"#/components/schemas/secret_policyStatusObject"},"x-displayname":"Status"},"system_metadata":{"$ref":"#/components/schemas/schemaSystemObjectGetMetaType"}}},"secret_policyGetResponseFormatCode":{"type":"string","description":"x-displayName: \"Get Response Format\"\nThis is the various forms that can be requested to be sent in the GetResponse\n\n - GET_RSP_FORMAT_DEFAULT: x-displayName: \"Default Format\"\nDefault format of returned resource\n - GET_RSP_FORMAT_FOR_CREATE: x-displayName: \"Create request Format\"\nResponse should be in CreateRequest format\n - GET_RSP_FORMAT_FOR_REPLACE: x-displayName: \"Replace request format\"\nResponse should be in ReplaceRequest format\n - GET_RSP_FORMAT_STATUS: x-displayName: \"Status format\"\nResponse should be in StatusObject(s) format\n - GET_RSP_FORMAT_READ: x-displayName: \"GetSpecType format\"\nResponse should be in format of GetSpecType\n - GET_RSP_FORMAT_REFERRING_OBJECTS: x-displayName: \"Referring Objects\"\nResponse should have other objects referring to this object\n - GET_RSP_FORMAT_BROKEN_REFERENCES: x-displayName: \"Broken Referred Objects\"\nResponse should have deleted and disabled objects referrred by this object","title":"GetResponseFormatCode","enum":["GET_RSP_FORMAT_DEFAULT","GET_RSP_FORMAT_FOR_CREATE","GET_RSP_FORMAT_FOR_REPLACE","GET_RSP_FORMAT_STATUS","GET_RSP_FORMAT_READ","GET_RSP_FORMAT_REFERRING_OBJECTS","GET_RSP_FORMAT_BROKEN_REFERENCES"],"default":"GET_RSP_FORMAT_DEFAULT"},"secret_policyLegacyRuleList":{"type":"object","description":"A list of references to service_policy_rule objects.\nThe order of evaluation of the rules depends on the rule combining algorithm.","title":"LegacyRuleList","x-displayname":"Legacy Rules","x-ves-proto-message":"ves.io.schema.secret_policy.LegacyRuleList","properties":{"rules":{"type":"array","description":" A list of references to service_policy_rule objects.\n The order of evaluation of the rules depends on the rule combining algorithm.\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 256\n","title":"rules","maxItems":256,"items":{"$ref":"#/components/schemas/ioschemaObjectRefType"},"x-displayname":"Rules","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"256"}}}},"secret_policyListPolicyResponse":{"type":"object","description":"This is the response message of the 'ListPolicy' RPC.","title":"ListPolicyResponse is used to list a secret_policy","x-displayname":"List Policy Response","x-ves-proto-message":"ves.io.schema.secret_policy.ListPolicyResponse","properties":{"errors":{"type":"array","description":" Errors(if any) while listing items from collection","title":"errors","items":{"$ref":"#/components/schemas/schemaErrorType"},"x-displayname":"Errors"},"items":{"type":"array","description":" items represents the collection in response","title":"items","items":{"$ref":"#/components/schemas/secret_policyListPolicyResponseItem"},"x-displayname":"Items"}}},"secret_policyListPolicyResponseItem":{"type":"object","title":"ListPolicyResponseItem is an individual item in a collection of secret_policy","x-displayname":"List Polic Response Item","x-ves-proto-message":"ves.io.schema.secret_policy.ListPolicyResponseItem","properties":{"annotations":{"type":"object","description":" The set of annotations present on this secret_policy","title":"annotations","x-displayname":"Annotations"},"description":{"type":"string","description":" The description set for this secret_policy","title":"description","x-displayname":"Description"},"disabled":{"type":"boolean","description":" A value of true indicates secret_policy is administratively disabled","title":"disabled","format":"boolean","x-displayname":"Disabled"},"get_spec":{"$ref":"#/components/schemas/schemasecret_policyGetSpecType"},"labels":{"type":"object","description":" The set of labels present on this secret_policy","title":"labels","x-displayname":"Labels"},"metadata":{"$ref":"#/components/schemas/schemaObjectGetMetaType"},"name":{"type":"string","description":" The name of this secret_policy\n\nExample: ` \"name\"`","title":"name","x-displayname":"Name","x-ves-example":"name"},"namespace":{"type":"string","description":" The namespace this item belongs to\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"system_metadata":{"$ref":"#/components/schemas/schemaSystemObjectGetMetaType"},"tenant":{"type":"string","description":" The tenant this item belongs to\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" The unique uid of this secret_policy\n\nExample: ` \"d27938ba-967e-40a7-9709-57b8627f9f75\"`","title":"uid","x-displayname":"UID","x-ves-example":"d27938ba-967e-40a7-9709-57b8627f9f75"}}},"secret_policyListResponse":{"type":"object","description":"This is the output message of 'List' RPC.","title":"ListResponse is the collection of secret_policy","x-displayname":"List Response","x-ves-proto-message":"ves.io.schema.secret_policy.ListResponse","properties":{"errors":{"type":"array","description":" Errors(if any) while listing items from collection","title":"errors","items":{"$ref":"#/components/schemas/schemaErrorType"},"x-displayname":"Errors"},"items":{"type":"array","description":" items represents the collection in response","title":"items","items":{"$ref":"#/components/schemas/secret_policyListResponseItem"},"x-displayname":"Items"}}},"secret_policyListResponseItem":{"type":"object","description":"By default a summary of secret_policy is returned in 'List'. By setting\n'report_fields' in the ListRequest more details of each item can be got.","title":"ListResponseItem is an individual item in a collection of secret_policy","x-displayname":"List Item","x-ves-proto-message":"ves.io.schema.secret_policy.ListResponseItem","properties":{"annotations":{"type":"object","description":" The set of annotations present on this secret_policy","title":"annotations","x-displayname":"Annotations"},"description":{"type":"string","description":" The description set for this secret_policy","title":"description","x-displayname":"Description"},"disabled":{"type":"boolean","description":" A value of true indicates secret_policy is administratively disabled","title":"disabled","format":"boolean","x-displayname":"Disabled"},"get_spec":{"$ref":"#/components/schemas/schemasecret_policyGetSpecType"},"labels":{"type":"object","description":" The set of labels present on this secret_policy","title":"labels","x-displayname":"Labels"},"metadata":{"$ref":"#/components/schemas/schemaObjectGetMetaType"},"name":{"type":"string","description":" The name of this secret_policy\n\nExample: ` \"name\"`","title":"name","x-displayname":"Name","x-ves-example":"name"},"namespace":{"type":"string","description":" The namespace this item belongs to\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"owner_view":{"$ref":"#/components/schemas/schemaViewRefType"},"status_set":{"type":"array","description":" The status reported by different services for this configuration object","title":"status","items":{"$ref":"#/components/schemas/secret_policyStatusObject"},"x-displayname":"Status"},"system_metadata":{"$ref":"#/components/schemas/schemaSystemObjectGetMetaType"},"tenant":{"type":"string","description":" The tenant this item belongs to\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" The unique uid of this secret_policy\n\nExample: ` \"d27938ba-967e-40a7-9709-57b8627f9f75\"`","title":"uid","x-displayname":"UID","x-ves-example":"d27938ba-967e-40a7-9709-57b8627f9f75"}}},"secret_policyRecoverRequest":{"type":"object","description":"This is the input message of the 'RecoverPolicy' RPC.","title":"RecoverRequest is used to recover a secret_policy","x-displayname":"Recover Request","x-ves-proto-message":"ves.io.schema.secret_policy.RecoverRequest","properties":{"name":{"type":"string","description":" Name of the secret policy\n\nExample: ` \"site-secret-policy\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"site-secret-policy","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" Namespace of the secret policy\n\nExample: ` \"system\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"namespace","x-displayname":"Namespace","x-ves-example":"system","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}}}},"secret_policyRecoverResponse":{"type":"object","description":"This is the response message of the 'RecoverPolicy' RPC.","title":"RecoverResponse","x-displayname":"Recover Response","x-ves-proto-message":"ves.io.schema.secret_policy.RecoverResponse","properties":{"status":{"type":"string","description":" HTTP status as reported by the backend\n\nExample: ` \"200`","title":"Status","format":"int64","x-displayname":"Status"}}},"secret_policyReplaceRequest":{"type":"object","description":"This is the input message of the 'Replace' RPC","title":"ReplaceRequest is used to replace contents of a secret_policy","x-displayname":"Replace Request","x-ves-proto-message":"ves.io.schema.secret_policy.ReplaceRequest","properties":{"metadata":{"$ref":"#/components/schemas/schemaObjectReplaceMetaType"},"spec":{"$ref":"#/components/schemas/schemasecret_policyReplaceSpecType"}}},"secret_policyReplaceResponse":{"type":"object","x-ves-proto-message":"ves.io.schema.secret_policy.ReplaceResponse"},"secret_policyRule":{"type":"object","description":"A Rule consists of an unordered list of predicates and an action. The predicates are evaluated against a set of input fields that are extracted from\nor derived from an L7 request API. A request API is considered to match the simple rule if all predicates in the rule evaluate to true for that request. Any\npredicates that are not specified in a rule are implicitly considered to be true. If a request API matches a simple rule, the action for the simple rule is\nenforced.","title":"rule","x-displayname":"Rule","x-ves-proto-message":"ves.io.schema.secret_policy.Rule","properties":{"metadata":{"$ref":"#/components/schemas/schemaMessageMetaType"},"spec":{"$ref":"#/components/schemas/schemasecret_policy_ruleGlobalSpecType"}}},"secret_policyRuleList":{"type":"object","description":"A list of rules.\nThe order of evaluation of the rules depends on the rule combining algorithm.","title":"rule list","x-displayname":"Rule List","x-ves-proto-message":"ves.io.schema.secret_policy.RuleList","properties":{"rules":{"type":"array","description":" Define the list of rules (with an order) that should be evaluated by this service policy.\n Rules are evaluated from top to bottom in the list.\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 256\n ves.io.schema.rules.repeated.unique_metadata_name: true\n","title":"rules","maxItems":256,"items":{"$ref":"#/components/schemas/secret_policyRule"},"x-displayname":"Rules","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"256","ves.io.schema.rules.repeated.unique_metadata_name":"true"}}}},"secret_policySoftDeleteRequest":{"type":"object","description":"This is the input message of the 'DeletePolicy' RPC.","title":"SoftDeleteRequest is used to soft delete a secret_policy","x-displayname":"Soft Delete Request","x-ves-proto-message":"ves.io.schema.secret_policy.SoftDeleteRequest","properties":{"name":{"type":"string","description":" Name of the secret policy\n\nExample: ` \"site-secret-policy\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"site-secret-policy","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"namespace":{"type":"string","description":" Namespace of the secret policy\n\nExample: ` \"system\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"namespace","x-displayname":"Namespace","x-ves-example":"system","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}}}},"secret_policySoftDeleteResponse":{"type":"object","description":"This is the response message of the 'DeletePolicy' RPC.","title":"DeleteResponse","x-displayname":"Delete Response","x-ves-proto-message":"ves.io.schema.secret_policy.SoftDeleteResponse","properties":{"status":{"type":"string","description":" HTTP status as reported by the backend\n\nExample: ` \"200`","title":"Status","format":"int64","x-displayname":"Status"}}},"secret_policyStatusObject":{"type":"object","description":"Most recently observed status of the object","title":"Status for secret policy","x-displayname":"Status","x-ves-proto-message":"ves.io.schema.secret_policy.StatusObject","properties":{"conditions":{"type":"array","description":" Conditions","title":"conditions","items":{"$ref":"#/components/schemas/schemaConditionType"},"x-displayname":"Conditions"},"metadata":{"$ref":"#/components/schemas/schemaStatusMetaType"},"object_refs":{"type":"array","description":" Object reference","title":"object_refs","items":{"$ref":"#/components/schemas/ioschemaObjectRefType"},"x-displayname":"Config Object"}}}}}}