diff --git a/assets/css/v2/style.css b/assets/css/v2/style.css index 9a5c8383..782c6836 100644 --- a/assets/css/v2/style.css +++ b/assets/css/v2/style.css @@ -320,12 +320,17 @@ h6, } html { - scroll-behavior: smooth; + scroll-behavior: smooth; /* Breaks for redocly */ font-optical-sizing: auto; font-weight: 300; font-style: normal; } +html:has(api-container) { + /* Fixes scroll for redocly but loses smooth scroll */ + scroll-behavior: auto; +} + h1, h2, h3, @@ -916,8 +921,8 @@ nav { /* Allow redocly to fill the entire container */ &.content__redocly { - justify-self: unset; - max-width: 100%; + min-width: 100%; + margin: 0; #api-component { z-index: 0; diff --git a/exampleSite/content/test-product/redoc/live-example.md b/exampleSite/content/test-product/redoc/live-example.md new file mode 100644 index 00000000..fc05a23b --- /dev/null +++ b/exampleSite/content/test-product/redoc/live-example.md @@ -0,0 +1,11 @@ +--- +description: Live example of Redocly usage +title: Live example +weight: 200 +type: redoc +tags: + - api +doctypes: + - reference +--- +{{< openapi spec="./api/one.json" >}} diff --git a/exampleSite/static/api/one.json b/exampleSite/static/api/one.json new file mode 100644 index 00000000..607866bf --- /dev/null +++ b/exampleSite/static/api/one.json @@ -0,0 +1,10895 @@ +{ + "openapi": "3.0.3", + "info": { + "title": "NGINX One Console Spec", + "description": "The API Reference documentation for NGINX One Console", + "version": "v1" + }, + "servers": [ + { + "url": "https://{tenant_cname}.console.ves.volterra.io/api/nginx/one/namespaces/{namespace}", + "variables": { + "namespace": { + "description": "The application namespace used to organize and scope API resources.", + "default": "default" + }, + "tenant_cname": { + "description": "The specific DNS name used to access your tenant.", + "default": "tenant-example" + } + } + } + ], + "tags": [ + { + "name": "Data Plane Key", + "description": "The `DataPlaneKey` object represents a secure token required to establish a connection between your NGINX instances and NGINX One. \nAs a fundamental security measure, the data plane key ensures that only trusted NGINX instances can register and communicate with NGINX One. \n\nData plane keys expire after one year. This is the default setting if you don't specify an expiration time when you create a key. \nIf necessary, you can update the data plane key later to extend its expiration.\n\nRevoking a data plane key will disconnect the associated NGINX instances from NGINX One.\n\n**IMPORTANT** Data plane keys are not saved and are displayed only once when you generate them. You should save this key in a secure location for future reference.\n", + "x-displayName": "Data Plane Key" + }, + { + "name": "Instances", + "description": "The `Instance` object represents an active NGINX installation. \nYou can access detailed information about each NGINX instance, including its configuration analysis, security advisories, and operational status.\n", + "x-displayName": "Instances" + }, + { + "name": "Config Sync Groups", + "description": "The `ConfigSyncGroups` object represents a NGINX config sync group where `Instances` are grouped to have same configuration. \nYou can access detailed information about each NGINX config sync group, including its configuration analysis and operational status.\n", + "x-displayName": "Config Sync Groups" + }, + { + "name": "Certificates", + "description": "The `Certificates` object in the NGINX One console represents an SSL certificate, covering both managed and unmanaged types. \nYou can view essential details like issuer, expiration status, and the instances or config sync groups where each certificate is deployed.\n", + "x-displayName": "Certificates" + }, + { + "name": "CVEs", + "description": "The `CVEs` object represents the security advisories published for all the F5 products supported by NGINX One.\n", + "x-displayName": "CVEs" + }, + { + "name": "Events", + "description": "Get a list of system events in the NGINX One console.\n", + "x-displayName": "Events" + }, + { + "name": "Staged Configs", + "description": "The `StagedConfigs` object represents a NGINX staged config which users can save to publish at a later time.\n", + "x-displayName": "Staged Configs" + }, + { + "name": "Control Planes", + "description": "The `Control Planes` object represents an external control plane such as NGINX Ingress Controller.\nFrom this endpoint, you can get detailed information about each control plane, including its NGINX instances, configurations, security advisories, and operational status.\n", + "x-displayName": "Control Planes" + }, + { + "name": "Metrics", + "x-displayName": "Metrics" + }, + { + "name": "Settings", + "description": "Configuration option for different aspect of NGINX One service.\nYou can set NGINX Instance cleanup preferences.\n", + "x-displayName": "Settings" + }, + { + "name": "NGINX App Protect", + "description": "Manage and publish security policies on your NGINX data plane instances.\n", + "x-displayName": "NGINX App Protect" + } + ], + "paths": { + "/data-plane-keys": { + "get": { + "tags": [ + "Data Plane Key" + ], + "summary": "List all data plane keys", + "description": "Returns a list of data plane keys for your tenant namespace. \nThis list provides important information such as each key's name, when it was created, and when it will expire.\n", + "operationId": "listDataPlaneKeys", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/FilterFieldDataPlaneKeys" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of data plane keys.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKeyListResponse" + }, + "examples": { + "DataPlaneKeys": { + "$ref": "#/components/examples/DataPlaneKeys" + } + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "patch": { + "x-nginx-one-action": "bulk", + "x-nginx-one-entity": "data plane key", + "tags": [ + "Data Plane Key" + ], + "summary": "Bulk operation on multiple data plane keys", + "operationId": "BulkDataPlaneKeys", + "description": "Performs bulk operation on one or more data plane keys, only delete is supported.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKeyBulkRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Batch request completed.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKeyBulkResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "post": { + "tags": [ + "Data Plane Key" + ], + "x-nginx-one-action": "create", + "x-nginx-one-entity": "data plane key", + "summary": "Create a data plane key", + "description": "Creates a unique data plane key that you can use to register NGINX instances with NGINX One.\n\n**IMPORTANT**: Save the data plane key somewhere secure for reference. The key is displayed only once and cannot be retrieved again.\n", + "operationId": "createDataPlaneKey", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKeyCreateRequest" + }, + "examples": { + "DataPlaneKeyCreateRequest": { + "$ref": "#/components/examples/DataPlaneKeyRequest" + } + } + } + } + }, + "responses": { + "200": { + "description": "Successfully created the data plane key.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKeyResponse" + }, + "examples": { + "DataPlaneKeyResponse": { + "$ref": "#/components/examples/DataPlaneKeyResponse" + } + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/data-plane-keys/{data_plane_key_id}": { + "delete": { + "tags": [ + "Data Plane Key" + ], + "x-nginx-one-action": "delete", + "x-nginx-one-entity": "data plane key", + "summary": "Delete a data plane key", + "description": "Deletes a data plane key.\n", + "operationId": "deleteDataPlaneKey", + "parameters": [ + { + "$ref": "#/components/parameters/DataPlaneKeyParamObjectID" + } + ], + "responses": { + "204": { + "description": "Successfully deleted the data plane key." + }, + "404": { + "description": "The data plane key with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "409": { + "description": "Cannot delete an active data plane key. Revoke the key first, then try deleting it again.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "get": { + "tags": [ + "Data Plane Key" + ], + "summary": "Retrieve a data plane key", + "description": "Retrieves the details for an existing data plane key.\n", + "operationId": "getDataPlaneKey", + "parameters": [ + { + "$ref": "#/components/parameters/DataPlaneKeyParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the details of the data plane key.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKey" + }, + "examples": { + "DataPlaneKeys": { + "$ref": "#/components/examples/DataPlaneKey" + } + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "patch": { + "tags": [ + "Data Plane Key" + ], + "x-nginx-one-action": "update", + "x-nginx-one-entity": "data plane key", + "summary": "Update a data plane key", + "description": "Updates an existing data plane key. \n\nYou can update the data plane key's name or extend its expiration date. It's not possible to update the expiration date for a data plane key that has expired.\n", + "operationId": "updateDataPlaneKey", + "parameters": [ + { + "$ref": "#/components/parameters/DataPlaneKeyParamObjectID" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKeyUpdateRequest" + }, + "examples": { + "DataPlaneKeyUpdateRequest": { + "$ref": "#/components/examples/DataPlaneKeyRequest" + } + } + } + } + }, + "responses": { + "200": { + "description": "Successfully updated the data plane key.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKey" + }, + "examples": { + "DataPlaneKeys": { + "$ref": "#/components/examples/DataPlaneKey" + } + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The data plane key with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/data-plane-keys/{data_plane_key_id}/revoke": { + "put": { + "tags": [ + "Data Plane Key" + ], + "x-nginx-one-action": "revoke", + "x-nginx-one-entity": "data plane key", + "summary": "Revoke a data plane key", + "description": "Revoke an existing data plane key.\n\n**IMPORTANT**: When you revoke a data plane key, all NGINX instances registered with this key will be disconnected from NGINX One.\n", + "operationId": "revokeDataPlaneKey", + "parameters": [ + { + "$ref": "#/components/parameters/DataPlaneKeyParamObjectID" + } + ], + "responses": { + "202": { + "description": "The request to revoke the data plane key has been accepted and is being processed.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DataPlaneKey" + }, + "examples": { + "DataPlaneKeys": { + "$ref": "#/components/examples/DataPlaneKey" + } + } + } + } + }, + "404": { + "description": "The data plane key with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/certificates": { + "get": { + "tags": [ + "Certificates" + ], + "summary": "List all SSL certificates", + "description": "Returns a paginated list showing metadata for every SSL certificate.\n", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/FilterFieldCertificates" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameCertificates" + } + ], + "operationId": "listCertificates", + "responses": { + "200": { + "description": "Successfully retrieved the list of SSL certificates.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "post": { + "x-nginx-one-action": "create", + "x-nginx-one-entity": "NGINX certificate", + "tags": [ + "Certificates" + ], + "summary": "Create an SSL certificate", + "operationId": "createCertificate", + "description": "Creates a new SSL certificate with an optional name. \nYou must supply the certificate's content in base64-encoded PEM format.\nAny warnings will be displayed only upon creation of the certificate object, and\nis not retrievable after it is created.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully created the SSL certificate.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateResponse" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/certificates/{certificateObjectID}": { + "delete": { + "x-nginx-one-action": "delete", + "x-nginx-one-entity": "NGINX certificate", + "tags": [ + "Certificates" + ], + "summary": "Delete an SSL certificate", + "operationId": "deleteCertificate", + "description": "* Deletes a managed SSL certificate from the NGINX One console. This operation is disabled for unmanaged certificates, as they get cleaned up automatically when they are not used in any NGINX configuration. \n* An optional flag `deleteFromDataPlanes` when set to true, can be used to remove the certificate from data plane instances to where it was deployed.\n * Deleting from data planes triggers publications on either instances or Config Sync Groups. After the managed cert object is deleted from NGINX One Console, a `PublicationBulkResponse` is returned along with status code 202, indicating whether an error occurred while issuing a publication to a data plane target.\n * If this cert is not associated with any data plane, status code 204 is returned when `deleteFromDataPlanes` set to true.\n", + "parameters": [ + { + "$ref": "#/components/parameters/DeleteFromDataPlanesParamFlag" + } + ], + "responses": { + "202": { + "description": "Successfully deleted the SSL certificate. Handling deletion of certificate from data planes in the background.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PublicationBulkResponse" + } + } + } + }, + "204": { + "description": "Successfully deleted the SSL certificate." + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The SSL certificate with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "get": { + "tags": [ + "Certificates" + ], + "summary": "Retrieve an SSL certificate", + "operationId": "getCertificate", + "description": "Retrieves the details for an SSL certificate, including:\n* Object ID that uniquely identifies this certificate object\n* SSL certificate type (managed or unmanaged by NGINX One Console)\n* Certificate type (whether it is a CA bundle or a certificate-key pair)\n* Subject name of the leaf certificate, or the soonest-expiring CA in a bundle\n * This subject name will be the DNS name in the SAN extension of the certificate. If not present, it will be the certificate's common name\n* Status of the certificate (valid, expiring, expired)\n* Validity period, if applicable to multiple certificates\n* Metadata for each public certificate if multiples are provided\n* Private key metadata, if available\n", + "responses": { + "200": { + "description": "Successfully retrieved the details of the SSL certificate.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The SSL certificate with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/CertificateParamObjectID" + } + ], + "patch": { + "x-nginx-one-action": "update", + "x-nginx-one-entity": "NGINX certificate", + "tags": [ + "Certificates" + ], + "summary": "Update an SSL certificate", + "operationId": "updateCertificate", + "description": "Updates public certificates, private keys, or both. \nThis endpoint can also be used to update a Certificate Authority (CA) bundle.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateUpdateRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully updated the specified SSL certificate.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateResponse" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The SSL certificate with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/certificates/{certificateObjectID}/deployments": { + "get": { + "tags": [ + "Certificates" + ], + "summary": "List SSL certificate deployments", + "description": "Returns a paginated list showing all the deployments for a SSL certificate and assigned file path(s).\n", + "parameters": [ + { + "$ref": "#/components/parameters/CertificateParamObjectID" + }, + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/FilterFieldCertificateDeployments" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameCertificateDeployments" + } + ], + "operationId": "listCertificateDeployments", + "responses": { + "200": { + "description": "Successfully retrieved the list of SSL certificate deployments.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateDeploymentListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The SSL certificate with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/certificates/parse": { + "post": { + "x-nginx-one-action": "validate", + "x-nginx-one-entity": "NGINX certificate", + "tags": [ + "Certificates" + ], + "summary": "Parse and validate an SSL certificate", + "operationId": "parseCertificate", + "description": "Parses and validates an SSL certificate. \nIt checks the provided PEM files and verifies that the public certificates follow the correct X.509 format. \nIf the certificate cannot be parsed, an error will be returned. \nOtherwise, as long as the certificate is parsable, a `200 OK` status will be returned even if there are issues \nsuch as mismatched private keys or expired certificates. Details of any issues found will be shown in the \"warnings\" field of the response.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully parsed and validated the SSL certificate.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CertificateResponse" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/config-report": {}, + "/config-sync-groups": { + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "List all config sync groups", + "operationId": "listConfigSyncGroups", + "description": "Returns a list of all NGINX config sync groups, providing details such as:\n * Name of the config sync group\n * List of instance with details\n * Version of the NGINX configuration that's expected to be on all listed instances\n * Status of apply configuration operation \n * Timestamp of last reported action\n", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/FilterFieldConfigSyncGroups" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameConfigSyncGroups" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of NGINX config sync groups.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "patch": { + "x-nginx-one-action": "bulk", + "x-nginx-one-entity": "config sync group", + "tags": [ + "Config Sync Groups" + ], + "summary": "Bulk operation on multiple config sync groups", + "operationId": "BulkConfigSyncGroups", + "description": "Performs bulk operation on one or more config sync groups, only delete is supported.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupBulkRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Batch request completed.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupBulkResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "post": { + "x-nginx-one-action": "create", + "x-nginx-one-entity": "NGINX config sync group", + "tags": [ + "Config Sync Groups" + ], + "summary": "Create an NGINX config sync group", + "operationId": "createConfigSyncGroup", + "description": "Create NGINX config sync group with a unique name to identify it within the tenant namespace.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupCreateRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully created NGINX config sync group", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupCreateResponse" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "409": { + "description": "The NGINX config sync group can't be created because the name is already in use", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/config-sync-groups/{configSyncGroupObjectID}": { + "delete": { + "x-nginx-one-action": "delete", + "x-nginx-one-entity": "NGINX config sync group", + "tags": [ + "Config Sync Groups" + ], + "summary": "Delete an NGINX config sync group", + "description": "Delete a NGINX config sync group from the NGINX One console. You can delete a config sync group, only if it contains no NGINX instances.\n", + "operationId": "deleteConfigSyncGroup", + "responses": { + "204": { + "description": "Successfully deleted the NGINX config sync group" + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "Retrieve an NGINX config sync group", + "description": "Retrieve the details for an NGINX config sync group, including:\n* name\n* Instances and details of each instance\n* Timestamp of last reported action\n* NGINX config version on the config sync group\n* Certificate summary referenced by config sync group members\n* NGINX config sync operation status\n* Last config sync group publication operation status\n", + "operationId": "getConfigSyncGroup", + "responses": { + "200": { + "description": "Successfully retrieved the details of the NGINX config sync group.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupDetails" + }, + "examples": { + "ConfigSyncGroupDetails": { + "$ref": "#/components/examples/ConfigSyncGroupDetails" + } + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ConfigSyncGroupParamObjectID" + } + ] + }, + "/config-sync-groups/{configSyncGroupObjectID}/config": { + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "Retrieve a config sync group's configuration details", + "description": "Returns the configuration details for a NGINX config sync group, including: \n* Main configuration path\n* Details about configuration files\n* Details about auxiliary files\n* Unique identifiers\n", + "operationId": "getConfigSyncGroupConfig", + "responses": { + "200": { + "description": "Successfully retrieved the configuration details for the specified NGINX config sync group.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfig" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ConfigSyncGroupParamObjectID" + } + ], + "patch": { + "tags": [ + "Config Sync Groups" + ], + "x-nginx-one-action": "update", + "x-nginx-one-entity": "NGINX config sync group configuration", + "summary": "Apply partial updates to config sync group's configuration", + "description": "Applies the specified partial updates to an existing NGINX configuration. Details:\n * This endpoint accepts additive updates to `NginxConfig`. \n * To delete files, omit the `file.contents` field. \n * This method compares the provided config_version with the current NGINX config sync group configuration to detect conflicts, which may arise if the config_version does not match due to an out-of-band update.\n", + "operationId": "patchConfigSyncGroupConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully stored the configuration of the NGINX config sync group", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfig" + } + } + } + }, + "202": { + "description": "The request to publish the configuration has been accepted and is being processed. To check the publication status, make a GET request to /config-sync-groups/{configSyncGroupObjectID}/publications.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PublicationInstance" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "put": { + "tags": [ + "Config Sync Groups" + ], + "x-nginx-one-action": "create", + "x-nginx-one-entity": "NGINX config sync group configuration", + "summary": "Publish a configuration to NGINX config sync group", + "description": "Publishes a new or updated NGINX configuration to the specified config sync group. \nIf no existing configuration is found, a new one is created; otherwise, the current configuration is overwritten.\n", + "operationId": "publishConfigSyncGroupConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully stored the configuration of the NGINX config sync group.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfig" + } + } + } + }, + "202": { + "description": "The request to publish the configuration has been accepted and is being processed. To check the publication status, make a GET request to /config-sync-groups/{configSyncGroupObjectID}/publications.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupPublication" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/config-sync-groups/{configSyncGroupObjectID}/config-report": { + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "Retrieve an analysis report for the configuration of an NGINX config sync group", + "description": "Analyzes the configuration of an NGINX config sync group and returns a detailed report.\nThe report includes insights, identified issues, and recommendations for optimizing and troubleshooting.\n", + "operationId": "getConfigSyncGroupConfigReport", + "responses": { + "200": { + "description": "Successfully retrieved the NGINX configuration analysis for the specified config sync group.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "204": { + "description": "The requested config sync group exists, but analysis of the NGINX configuration is not yet completed. Please retry the request at a later time to retrieve the report." + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ConfigSyncGroupParamObjectID" + } + ], + "patch": { + "x-nginx-one-action": "analyze", + "x-nginx-one-entity": "NGINX config sync group configuration", + "tags": [ + "Config Sync Groups" + ], + "summary": "Generate an analysis report for the configuration of the modified NGINX config sync group", + "description": "Analyzes the provided partial updates merging with an existing configuration of an NGINX config sync group. Generates a report detailing potential issues along with optimization suggestions. \nThis analysis accounts for additive updates made to NGINX configuration. To delete files, omit the `file.contents` field. \nThis method compares the provided `config_version` with the current NGINX config sync group's configuration to detect conflicts, which may arise if the `config_version` does not match due to an out-of-band update. \nNote that this operation is for analysis purposes only and does not apply any changes to the configuration. \nThe report is not stored and is provided only in the API response.\nTo publish the configuration, use the `PATCH /config-sync-groups/{configSyncGroupObjectID}/config` endpoint.\n", + "operationId": "analyzeConfigSyncGroupConfigPatch", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully analyzed the provided NGINX configuration", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "put": { + "x-nginx-one-action": "analyze", + "x-nginx-one-entity": "NGINX config sync group configuration", + "tags": [ + "Config Sync Groups" + ], + "summary": "Generate an analysis report for the configuration of the NGINX config sync group", + "description": "Returns an analysis report for the configuration of the NGINX config sync group. This report includes insights, identified issues, and recommendations for optimizing and troubleshooting. Note that this operation is for analysis purposes only and does not apply any changes to the configuration. The report is not stored and is provided only in the API response. To publish the configuration, use the `PUT /config-sync-groups/{configSyncGroupObjectID}/config` endpoint.", + "operationId": "analyzeConfigSyncGroupConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully analyzed the provided NGINX configuration.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/config-sync-groups/{configSyncGroupObjectID}/config/{configSyncGroupConfigurationObjectID}": { + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "Retrieve details the NGINX config sync group", + "description": "Returns the configuration details for an NGINX config sync group, including: \n* Main configuration path\n* Details about configuration files\n* Details about auxiliary files\n* Unique identifiers\n", + "operationId": "getConfigSyncGroupConfigWithObjectID", + "responses": { + "200": { + "description": "Successfully retrieved the configuration details for the specified NGINX config sync group and NGINX configuration.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfig" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group or NGINX configuration with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ConfigSyncGroupParamObjectID" + }, + { + "$ref": "#/components/parameters/ConfigSyncGroupConfigurationParamObjectID" + } + ] + }, + "/config-sync-groups/{configSyncGroupObjectID}/configs": { + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "Retrieves stored NGINX configurations for a NGINX config sync group", + "description": "Returns a list of all configurations for a NGINX config sync group. Only the last 10 are kept on the NGINX One Console for a NGINX config sync group.", + "operationId": "listConfigSyncGroupConfigurations", + "responses": { + "200": { + "description": "Successfully retrieved the list of NGINX configurations for the specified NGINX config sync group.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NginxConfigMeta" + } + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ConfigSyncGroupParamObjectID" + } + ] + }, + "/config-sync-groups/{configSyncGroupObjectID}/publications": { + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "Retrieve the publications for the NGINX config sync group", + "description": "Returns a list of publications for a NGINX config sync group, providing details such as:\n * Current status along with reason(s) including the target instance object, cause and relevant message\n * Configuration version\n", + "operationId": "listConfigSyncGroupPublications", + "responses": { + "200": { + "description": "Successfully retrieved the list of all publications for the specified NGINX config sync group.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/ConfigSyncGroupPublication" + } + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ConfigSyncGroupParamObjectID" + } + ] + }, + "/config-sync-groups/{configSyncGroupObjectID}/publications/{publicationObjectID}": { + "get": { + "tags": [ + "Config Sync Groups" + ], + "summary": "Retrieve the publications for the NGINX config sync group, providing details such as:\n * Current status along with reason(s) including the target instance object, cause and relevant message\n * Configuration version\n", + "description": "Returns a publication for a NGINX config sync group.", + "operationId": "getConfigSyncGroupPublication", + "responses": { + "200": { + "description": "Successfully retrieved the publication for the specified NGINX config sync group.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupPublication" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX config sync group with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ConfigSyncGroupParamObjectID" + }, + { + "$ref": "#/components/parameters/PublicationParamObjectID" + } + ] + }, + "/control-planes": { + "get": { + "tags": [ + "Control Planes" + ], + "x-feature-flag": "control_planes_m1", + "summary": "List control planes", + "operationId": "listControlPlanes", + "description": "Returns a paginated list of control planes.\n", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameControlPlanes" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/FilterFieldControlPlanes" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of control planes.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ControlPlaneListResponse" + } + } + } + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "500": { + "$ref": "#/components/responses/InternalServerErr" + } + } + } + }, + "/control-planes/{controlPlaneObjectID}": { + "delete": { + "x-nginx-one-action": "delete", + "x-nginx-one-entity": "Control Plane", + "tags": [ + "Control Planes" + ], + "summary": "Delete a control plane", + "description": "Delete a control plane from the NGINX One Console. You can delete a control plane, only if it contains no NGINX instances.\n", + "operationId": "deleteControlPlane", + "responses": { + "204": { + "description": "Successfully deleted the control plane" + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "404": { + "$ref": "#/components/responses/NotFound" + }, + "500": { + "$ref": "#/components/responses/InternalServerErr" + } + } + }, + "get": { + "tags": [ + "Control Planes" + ], + "summary": "Retrieve a control plane", + "description": "Retrieve the details for a control plane, including:\n* Object ID\n* Product name and version\n* Cluster UUID\n* Kubernetes namespace\n* Deployment UUID\n* Data plane key\n* Certificate summary referenced by control plane instances\n* Instance status summary\n", + "operationId": "getControlPlane", + "responses": { + "200": { + "description": "Successfully retrieved the details of the control plane.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ControlPlaneDetails" + } + } + } + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "404": { + "$ref": "#/components/responses/NotFound" + }, + "500": { + "$ref": "#/components/responses/InternalServerErr" + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/ControlPlaneParamObjectID" + } + ], + "x-feature-flag": "control_planes_m1" + }, + "/control-planes/summary": { + "get": { + "tags": [ + "Control Planes" + ], + "summary": "Retrieve a summary for all Control Planes.", + "description": "Retrieves details for all control planes, including:\n * Number of control planes for each product name/version\n", + "operationId": "getControlPlaneSummary", + "responses": { + "200": { + "description": "Successfully retrieved the summary of control planes.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ControlPlaneSummary" + } + } + } + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "500": { + "$ref": "#/components/responses/InternalServerErr" + } + } + }, + "x-feature-flag": "control_planes_m1" + }, + "/cves": { + "get": { + "tags": [ + "CVEs" + ], + "summary": "List of all CVEs affecting the instances", + "operationId": "listNginxCVEs", + "description": "Returns a list of all CVEs that affect at least one instance under the tenant\n", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameCVEs" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of CVEs.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CVEListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/cves/{nginxCVEID}": { + "get": { + "tags": [ + "CVEs" + ], + "summary": "Retrieve NGINX CVE details", + "operationId": "GetNginxCVEDetails", + "description": "Retrieve CVE details\n", + "parameters": [ + { + "$ref": "#/components/parameters/NginxCVEParamID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved NGINX CVE details.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxCVEDetailsResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "CVE with the specified nginxCVEID was not found. Check that the nginxCVEID provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/cves/{nginxCVEID}/impacted_instances": { + "get": { + "tags": [ + "CVEs" + ], + "summary": "Retrieve the instances impacted by a CVE", + "description": "Retrieves a list of the instances impacted by a security advisory.", + "operationId": "listCVEImpactedInstances", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameCVEImpactedInstances" + }, + { + "$ref": "#/components/parameters/NginxCVEParamID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of instances affected by the CVE.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CVEImpactedInstancesListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The CVE with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing CVE.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/events": { + "get": { + "tags": [ + "Events" + ], + "summary": "Retrieve system events.", + "description": "Retrieves a list of the system events.", + "operationId": "listEvents", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/FilterFieldEvents" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of events.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/EventsListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/events/{eventObjectID}": { + "get": { + "tags": [ + "Events" + ], + "operationId": "getEvent", + "summary": "Retrieve specific event.", + "description": "Retrieve a specific event using the event object_id.", + "parameters": [ + { + "$ref": "#/components/parameters/EventParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the details of the event.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Event" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The Event with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances": { + "get": { + "tags": [ + "Instances" + ], + "summary": "List all instances", + "operationId": "listInstances", + "description": "Returns a list of all NGINX instances, providing details such as:\n * Unique identifiers for each instance\n * Timestamps for key actions (like registration and last report)\n * Information about the NGINX build\n * Version of the NGINX Agent\n", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/FilterFieldInstances" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameInstances" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of instances.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/InstanceListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "patch": { + "x-nginx-one-action": "bulk", + "x-nginx-one-entity": "NGINX instance", + "tags": [ + "Instances" + ], + "summary": "Bulk operation on multiple instances", + "operationId": "BulkInstances", + "description": "Performs bulk operation on one or more NGINX instances, only delete is supported.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/InstanceBulkRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Batch request completed.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/InstanceBulkResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances/{instanceObjectID}": { + "delete": { + "tags": [ + "Instances" + ], + "x-nginx-one-action": "delete", + "x-nginx-one-entity": "NGINX instance", + "summary": "Delete an instance", + "description": "Deletes an NGINX instance. Associations with certificates will be cleaned up.\n", + "operationId": "deleteInstance", + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + } + ], + "responses": { + "204": { + "description": "Successfully deleted the NGINX instance." + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve an instance", + "description": "Retrieves the details for an NGINX instance, including\n* Hostname\n* System status\n* Timestamps of key actions (registration, last reported, etc.)\n* NGINX build information\n* Certificate data\n* Operating system version\n* NGINX Agent version\n* Config Sync Group membership details\n* Control plane object ID, name, product and version\n", + "operationId": "getInstance", + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the details of the NGINX instance.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/InstanceDetails" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances/{instanceObjectID}/config": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve an instance's configuration details", + "description": "Returns the configuration details for an NGINX instance, including: \n* Main configuration path\n* Details about configuration files\n* Details about auxiliary files\n* Details about deployed payloads of managed SSL certificates and keys\n* Unique identifiers\n", + "operationId": "getInstanceConfig", + "responses": { + "200": { + "description": "Successfully retrieved the configuration details for the specified NGINX instance.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfig" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + } + ], + "patch": { + "tags": [ + "Instances" + ], + "x-nginx-one-action": "update", + "x-nginx-one-entity": "NGINX instance configuration", + "summary": "Apply partial updates to an instance's configuration", + "description": "Applies the specified partial updates to an existing NGINX configuration. \nThis endpoint accepts additive updates to `NginxConfig`. \nTo delete files, omit the `file.contents` field. \nThis method compares the provided config_version with the current NGINX instance configuration to detect conflicts, which may arise if the config_version does not match due to an out-of-band update. \nBefore publishing, use the `PATCH /instances/{instanceObjectID}/config-report` endpoint to generate an analysis report for the modified configuration.\n", + "operationId": "publishInstanceConfigWithModify", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "202": { + "description": "The request to publish the configuration has been accepted and is being processed. To check the publication status, make a GET request to /instances/{instanceObjectID}/publications.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PublicationInstance" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "put": { + "tags": [ + "Instances" + ], + "x-nginx-one-action": "create", + "x-nginx-one-entity": "NGINX instance configuration", + "summary": "Publish a configuration to an instance", + "description": "Publishes a new or updated NGINX configuration to the specified instance.\nIn the specified `configs`, empty files are not allowed in the directory.\nIf no existing configuration is found, a new one is created; otherwise, the current configuration is overwritten. \nBefore publishing, use the `PUT /instances/{instanceObjectID}/config-report` endpoint to generate an analysis report for the provided configuration.\nYou can specify `payloads` in the request to deploy managed certificates and keys to the dataplane. Include file paths\nfor each payload component.\n", + "operationId": "publishInstanceConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "202": { + "description": "The request to publish the configuration has been accepted and is being processed. To check the publication status, make a GET request to /instances/{instanceObjectID}/publications.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PublicationInstance" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances/{instanceObjectID}/config-report": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve an analysis report for an instance's configuration", + "description": "Analyzes the configuration of an NGINX instance and returns a detailed report.\nThe report includes insights, identified issues, and recommendations for optimizing and troubleshooting.\n", + "operationId": "getInstanceConfigReport", + "responses": { + "200": { + "description": "Successfully retrieved the NGINX configuration analysis for the specified instance.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "204": { + "description": "The requested instance exists, but analysis of the NGINX configuration is not yet completed. Please retry the request at a later time to retrieve the report." + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + } + ], + "patch": { + "tags": [ + "Instances" + ], + "x-nginx-one-action": "analyze", + "x-nginx-one-entity": "NGINX instance configuration", + "summary": "Generate an analysis report for the provided modified configuration", + "description": "Analyzes the provided partial updates to an existing NGINX configuration and generates a report detailing potential issues along with optimization suggestions. \nThis analysis accounts for additive updates made to `NginxConfig`. To delete files, omit the `file.contents` field. \nThis method compares the provided `config_version` with the current NGINX instance configuration to detect conflicts, which may arise if the `config_version` does not match due to an out-of-band update. \nNote that this operation is for analysis purposes only and does not apply any changes to the configuration. \nThe report is not stored and is provided only in the API response.\nTo publish the configuration, use the `PATCH /instances/{instanceObjectID}/config` endpoint.\n", + "operationId": "analyzeInstanceConfigWithModify", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully analyzed the provided NGINX configuration.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "put": { + "tags": [ + "Instances" + ], + "x-nginx-one-action": "analyze", + "x-nginx-one-entity": "NGINX instance configuration", + "summary": "Generate an analysis report for the provided configuration", + "description": "Returns an analysis report for the provided NGINX configuration. This report includes insights, identified issues, and recommendations for optimizing and troubleshooting. Note that this operation is for analysis purposes only and does not apply any changes to the configuration. The report is not stored and is provided only in the API response. To publish the configuration, use the `PUT /instances/{instanceObjectID}/config` endpoint.", + "operationId": "analyzeInstanceConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully analyzed the provided NGINX configuration.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances/{instanceObjectID}/configs": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieves the stored NGINX configurations for an instance", + "description": "Returns a list of all configurations for a NGINX instance. Only the last 10 are kept on the NGINX One Console for a NGINX instance.", + "operationId": "listInstanceConfigurations", + "responses": { + "200": { + "description": "Successfully retrieved the list of NGINX configurations for the specified NGINX instance.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NginxConfigMeta" + } + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + } + ] + }, + "/instances/{instanceObjectID}/configs/{instanceConfigurationObjectID}": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve an instance's configuration details", + "description": "Returns the configuration details for an NGINX instance, including: \n* Main configuration path\n* Details about configuration files\n* Details about auxiliary files\n* Unique identifiers\n", + "operationId": "getInstanceConfigWithObjectID", + "responses": { + "200": { + "description": "Successfully retrieved the configuration details for the specified NGINX instance and NGINX configuration.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfig" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance or NGINX configuration with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + }, + { + "$ref": "#/components/parameters/InstanceConfigurationParamObjectID" + } + ] + }, + "/instances/{instanceObjectID}/cves": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve an instance's security advisories (CVEs)", + "description": "Retrieves a list of the security advisories (CVEs) for an NGINX instance.", + "operationId": "listInstanceSecurityAdvisories", + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of security advisories (CVEs).", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NginxSecurityAdvisory" + } + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances/{instanceObjectID}/publications": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve the publications for an instance", + "description": "Returns a list of all publications for a NGINX instance.", + "operationId": "listInstancePublications", + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of all publications for the specified NGINX instance.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/PublicationInstance" + } + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances/{instanceObjectID}/publications/{publicationObjectID}": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve a publication for an NGINX instance.", + "description": "Returns a specific publication for an NGINX instance. Only 5 previous entries of Publication are kept for each NGINX instance.", + "operationId": "getInstancePublication", + "parameters": [ + { + "$ref": "#/components/parameters/InstanceParamObjectID" + }, + { + "$ref": "#/components/parameters/PublicationParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the specific Publication for the specified NGINX instance.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PublicationInstance" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX instance or Publication with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/instances/summary": { + "get": { + "tags": [ + "Instances" + ], + "summary": "Retrieve a summary for all instances", + "description": "Retrieves a comprehensive summary for all NGINX instances, which includes details such as:\n * Certificate status and associations\n * Operating system details\n * Version of the NGINX Agent\n * Overall system status\n", + "operationId": "listSummary", + "responses": { + "200": { + "description": "Successfully retrieved the summary of NGINX instances.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/InstanceSummary" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/staged-configs": { + "get": { + "x-feature-flag": "staged-configs", + "tags": [ + "Staged Configs" + ], + "summary": "List all staged configs", + "operationId": "listStagedConfigs", + "description": "Returns a list of all NGINX staged configs, providing details such as:\n * Name and object_id of staged config\n * Created and modified timestamps\n", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/FilterFieldStagedConfigs" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameStagedConfigs" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of NGINX staged configs.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigListResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "post": { + "x-feature-flag": "staged-configs", + "x-nginx-one-action": "create", + "x-nginx-one-entity": "NGINX staged configs", + "tags": [ + "Staged Configs" + ], + "summary": "Create an NGINX staged config", + "operationId": "createStagedConfig", + "description": "Create NGINX staged config with a unique ID to identify it within the tenant namespace.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigCreateRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully created NGINX staged configs", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigCreateResponse" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/staged-configs/{stagedConfigObjectID}": { + "delete": { + "x-feature-flag": "staged-configs", + "x-nginx-one-action": "delete", + "x-nginx-one-entity": "NGINX staged config", + "tags": [ + "Staged Configs" + ], + "summary": "Delete an NGINX staged config", + "description": "Delete a NGINX staged config from the NGINX One console.\n", + "operationId": "deleteStagedConfig", + "responses": { + "204": { + "description": "Successfully deleted the NGINX staged configs" + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX staged config with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "get": { + "x-feature-flag": "staged-configs", + "tags": [ + "Staged Configs" + ], + "summary": "Retrieve an NGINX staged config meta", + "description": "Retrieve the meta details for an NGINX staged config.\n", + "operationId": "getStagedConfigMeta", + "responses": { + "200": { + "description": "Successfully retrieved the details of the NGINX staged config meta.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigMeta" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX staged config with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/StagedConfigParamObjectID" + } + ] + }, + "/staged-configs/{stagedConfigObjectID}/config": { + "get": { + "tags": [ + "Staged Configs" + ], + "x-feature-flag": "staged-configs", + "summary": "Retrieve an NGINX staged config", + "description": "Retrieve the details for an NGINX staged config.\n", + "operationId": "getStagedConfig", + "responses": { + "200": { + "description": "Successfully retrieved the details of the NGINX staged config.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigResponse" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX staged config with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/StagedConfigParamObjectID" + } + ], + "patch": { + "tags": [ + "Staged Configs" + ], + "x-feature-flag": "staged-configs", + "x-nginx-one-action": "update", + "x-nginx-one-entity": "NGINX staged config", + "summary": "Apply partial updates to staged config", + "description": "Applies the specified partial updates to an existing NGINX staged config Details:\n * This endpoint accepts additive updates to `NginxConfig`. Base `nginx.conf` file must always be provided along with additives.\n * To delete files, omit the `file.contents` field.\n * `config_version` is used to ensure the requested patch is applied against the same version.\n", + "operationId": "patchStagedConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigChangeRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully stored the NGINX staged configuration.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigMeta" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX staged config with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "409": { + "description": "NGINX config version mismatch. Provided config_version does not match recent config_version for the NGINX staged config, possible conflict.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "put": { + "tags": [ + "Staged Configs" + ], + "x-feature-flag": "staged-configs", + "x-nginx-one-action": "create", + "x-nginx-one-entity": "NGINX staged config", + "summary": "Replace existing state", + "description": "Completely replaces existing staged config with payload of new request.\n", + "operationId": "replaceStagedConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigUpdateRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully updated the NGINX configuration.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StagedConfigMeta" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX staged config with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/staged-configs/{stagedConfigObjectID}/config-report": { + "get": { + "tags": [ + "Staged Configs" + ], + "x-feature-flag": "staged-configs", + "summary": "Retrieve an analysis report for the NGINX staged config", + "description": "Analyzes the NGINX staged config and returns a detailed report.\nThe report includes insights, identified issues, and recommendations for optimizing and troubleshooting.\n", + "operationId": "getStagedConfigReport", + "responses": { + "200": { + "description": "Successfully retrieved the NGINX configuration analysis for the specified staged config.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "204": { + "description": "The requested staged config exists, but analysis of the NGINX configuration is not yet completed. Please retry the request at a later time to retrieve the report." + }, + "404": { + "description": "The NGINX staged config with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "parameters": [ + { + "$ref": "#/components/parameters/StagedConfigParamObjectID" + } + ], + "patch": { + "x-feature-flag": "staged-configs", + "x-nginx-one-action": "analyze", + "x-nginx-one-entity": "NGINX staged configuration", + "tags": [ + "Staged Configs" + ], + "summary": "Generate an analysis report for the modified NGINX staged config", + "description": "Analyzes the provided partial updates merging with an existing configuration of an NGINX config sync group. Generates a report detailing potential issues along with optimization suggestions. \nThis analysis accounts for additive updates made to NGINX configuration. To delete files, omit the `file.contents` field. \nNote that this operation is for analysis purposes only and does not apply any changes to the configuration. \nThe report is not stored and is provided only in the API response.\nTo publish the configuration, use the `PATCH /staged-configs/{stagedConfigObjectID}/config` endpoint.\n", + "operationId": "analyzeStagedConfigPatch", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully analyzed the provided NGINX configuration", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NginxConfigReports" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX staged config with the specified object_id was not found. Check that the object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/monitor/metrics_query_topx": { + "post": { + "tags": [ + "Metrics" + ], + "summary": "Retrieve system metrics for instances with series limit", + "operationId": "queryMetricsInputTopX", + "description": "Returns (up to 10,000) system metrics for NGINX instances with series limit based on query parameters.\n\nYou can filter metrics by name and timestamp, aggregate metrics over a configurable period of time, and group metrics by dimension.\n", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/MetricTopXQueryRequest" + }, + "example": { + "start_time": "now-1h", + "end_time": "now", + "resolution": "1m", + "metrics": [ + { + "aggregate": "sum", + "name": "nginx.http.request.count" + } + ], + "series_limit": 1, + "group_series_by": "instance_object_id" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully retrieved system metrics.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/MetricQueryResultEx" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The requested metric resource was not found. Check that the resource name provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/settings/instance-cleanup": { + "get": { + "tags": [ + "Settings" + ], + "summary": "Retrieve settings", + "description": "Retrieves settings for NGINX Instance cleanup\n", + "operationId": "getSettingInstanceCleanup", + "responses": { + "200": { + "description": "Successfully retrieved the setting for NGINX Instance cleanup.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SettingsInstanceCleanup" + } + } + } + }, + "400": { + "$ref": "#/components/responses/InvalidRequest" + }, + "500": { + "$ref": "#/components/responses/InternalServerErr" + } + } + }, + "put": { + "x-nginx-one-action": "update", + "x-nginx-one-entity": "NGINX Instance Cleanup Setting", + "tags": [ + "Settings" + ], + "summary": "Update settings", + "description": "Update settings for NGINX Instance cleanup\n", + "operationId": "updateSettingInstanceCleanup", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SettingsInstanceCleanup" + } + } + } + }, + "responses": { + "200": { + "description": "Successfully updated settings for NGINX Instance cleanup.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SettingsInstanceCleanup" + } + } + } + }, + "500": { + "$ref": "#/components/responses/InternalServerErr" + } + } + } + }, + "/app-protect/policies": { + "get": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "List NGINX App Protect policies", + "description": "Returns a list of NGINX App Protect policies along with deployment details.", + "operationId": "listNapPolicies", + "parameters": [ + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameNapPolicies" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/FilterFieldNapPolicy" + } + ], + "responses": { + "200": { + "description": "Successfully returned NGINX App Protect policies.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyListResponse" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "patch": { + "x-nginx-one-action": "bulk", + "x-nginx-one-entity": "NGINX Nap Policies", + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Bulk operation on multiple Nap policy", + "operationId": "bulkNAPPolicy", + "description": "Performs bulk operation on one or more Nap policy, only delete is supported.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyBulkRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Batch request completed.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapBulkResponse" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "post": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Create NGINX App Protect policy", + "description": "Creates NGINX App Protect policy.", + "operationId": "createNapPolicy", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicy" + } + } + } + }, + "responses": { + "201": { + "description": "Successfully created NGINX App Protect policy.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyMetadata" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/app-protect/policies/{nap_policy_object_id}": { + "delete": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Delete NGINX App Protect policy", + "description": "Deletes NGINX App Protect policy.", + "operationId": "deleteNapPolicy", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + } + ], + "responses": { + "204": { + "description": "Successfully deleted NGINX App Protect policy." + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy with the specified nap_policy_object_id was not found. Check that the nap_policy_object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "get": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Get NGINX App Protect policy details", + "description": "Returns NGINX App Protect policy summary.", + "operationId": "getNapPolicy", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully returned NGINX App Protect policy details.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyObject" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy with the specified nap_policy_object_id was not found. Check that the nap_policy_object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "put": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Update NGINX App Protect policy details", + "description": "Update NGINX App Protect policy details.", + "operationId": "updateNapPolicy", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicy" + } + } + } + }, + "responses": { + "201": { + "description": "Successfully created an NGINX App Protect policy version.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyMetadata" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy with the specified nap_policy_object_id was not found. Check that the nap_policy_object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/app-protect/policies/{nap_policy_object_id}/deployments": { + "get": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "List NGINX App Protect deployments", + "description": "Returns NGINX App Protect deployments, providing details such as:\n * Target of the deployment\n * Time of deployment\n * Enforcement mode\n * Policy version\n * Threat campaign\n * Attack signature\n * Bot signature\n", + "operationId": "listNapPolicyDeployments", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + }, + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameNapPolicyDeployments" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/FilterFieldNapPolicyDeployment" + } + ], + "responses": { + "200": { + "description": "Successfully returned NGINX App Protect deployments.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyDeploymentsListResponse" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy with the specified nap_policy_object_id was not found. Check that the nap_policy_object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/app-protect/policies/{nap_policy_object_id}/version": { + "get": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Get the latest NGINX App Protect policy version details", + "description": "Returns the latest NGINX App Protect policy version details.", + "operationId": "getLatestNapPolicyVersion", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully returned NGINX App Protect policy version details.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyVersionDetails" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy version with the specified nap_policy_object_id was not found. Check that the nap_policy_object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/app-protect/policies/{nap_policy_object_id}/versions": { + "get": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "List NGINX App Protect policy versions", + "description": "Returns NGINX App Protect policy versions.", + "operationId": "listNapPolicyVersions", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + }, + { + "$ref": "#/components/parameters/Paginated" + }, + { + "$ref": "#/components/parameters/Limit" + }, + { + "$ref": "#/components/parameters/Offset" + }, + { + "$ref": "#/components/parameters/SortDirection" + }, + { + "$ref": "#/components/parameters/SortNameNapPolicyVersions" + }, + { + "$ref": "#/components/parameters/FilterOperands" + }, + { + "$ref": "#/components/parameters/FilterValues" + }, + { + "$ref": "#/components/parameters/FilterFieldNapPolicyVersion" + } + ], + "responses": { + "200": { + "description": "Successfully returned the NGINX App Protect policy versions.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyVersionsListResponse" + } + } + } + }, + "400": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy with the specified nap_policy_object_id was not found. Check that the nap_policy_object_id provided is correct and corresponds to an existing resource.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + }, + "/app-protect/policies/{nap_policy_object_id}/versions/{nap_policy_version_object_id}": { + "delete": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Delete NGINX App Protect policy version", + "description": "Deletes the NGINX App Protect policy version.", + "operationId": "deleteNapPolicyVersion", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + }, + { + "$ref": "#/components/parameters/NapPolicyVersionParamObjectID" + } + ], + "responses": { + "204": { + "description": "Successfully deleted the NGINX App Protect policy version." + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy version with the specified nap_policy_version_object_id and nap_policy_version_object_id was not found. Check that the object IDs provided are correct and corresponds to existing resources.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + }, + "get": { + "x-feature-flag": "nap-waf", + "tags": [ + "NGINX App Protect" + ], + "summary": "Get the specified NGINX App Protect policy version details", + "description": "Returns the specified NGINX App Protect policy version details.", + "operationId": "getNapPolicyVersion", + "parameters": [ + { + "$ref": "#/components/parameters/NapPolicyParamObjectID" + }, + { + "$ref": "#/components/parameters/NapPolicyVersionParamObjectID" + } + ], + "responses": { + "200": { + "description": "Successfully returned NGINX App Protect policy version details.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/NapPolicyVersionDetails" + } + } + } + }, + "401": { + "description": "Access denied.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "404": { + "description": "The NGINX App Protect policy version with the specified nap_policy_version_object_id and nap_policy_version_object_id was not found. Check that the object IDs provided are correct and corresponds to existing resources.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "500": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + } + } + } + }, + "components": { + "parameters": { + "Paginated": { + "name": "paginated", + "in": "query", + "schema": { + "type": "boolean", + "default": true + }, + "description": "A boolean indicating if the results should be presented as a paginated list. Defaults to `true`. \nWhen set to `false` a maximum of 3000 results are returned.\n", + "required": false + }, + "Limit": { + "name": "limit", + "in": "query", + "schema": { + "type": "integer", + "minimum": 0 + }, + "description": "An integer that specifies the maximum number of items to be returned. \nSetting this to `0` will result in no items being returned, but a total count will still be provided. \nThis parameter is not applicable if `paginated` is `false`.\n", + "required": false + }, + "Offset": { + "name": "offset", + "in": "query", + "schema": { + "type": "integer", + "minimum": 1 + }, + "description": "An integer that specifies the starting position of the results, starting at `1`.\nThis parameter is not applicable if `paginated` is `false`.\n" + }, + "FilterFieldDataPlaneKeys": { + "name": "filter_fields", + "in": "query", + "description": "Filter options for data plane keys; used in conjunction with other filter parameters having the same array length.\n\nWhen filtering on `status`, only the following `filter_values` are supported:\n * revoked\n * expired\n * valid\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameDataPlaneKeys" + } + } + }, + "FilterOperands": { + "name": "filter_ops", + "in": "query", + "description": "An array of strings defining the operands for filtering, to be used in conjunction with `filter_fields` and `filter_values`. \nAll filter parameters must have matching array lengths. Currently, the only supported operand is `\"IN\"`.\n", + "schema": { + "$ref": "#/components/schemas/FilterOperands" + } + }, + "FilterValues": { + "name": "filter_values", + "in": "query", + "description": "An array of strings containing the keywords for filtering. \nMultiple keywords can be chained using the `|` character. \nEnsure this parameter's array length matches those of `filter_fields` and `filter_ops` for effective filtering.\nThe total length of the filter string should not exceed 1024 characters.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "example": "value1|value2|value3", + "minLength": 1, + "maxLength": 1024 + } + } + }, + "DataPlaneKeyParamObjectID": { + "name": "data_plane_key_id", + "in": "path", + "schema": { + "$ref": "#/components/schemas/DataPlaneKeyObjectID" + }, + "description": "A globally unique identifier for the data plane key.\n", + "required": true + }, + "FilterFieldCertificates": { + "name": "filter_fields", + "in": "query", + "description": "Filter options for certificates; used in conjunction with other filter parameters having the same array length.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameCertificates" + } + } + }, + "SortDirection": { + "name": "sort_dir", + "in": "query", + "description": "Sorting direction for the criteria and the resulting collection returned. Defaults to descending if not specified.\n", + "schema": { + "type": "string", + "enum": [ + "Ascending", + "Descending" + ], + "x-enum-varnames": [ + "ascending", + "descending" + ] + } + }, + "SortNameCertificates": { + "name": "sort_certificates", + "in": "query", + "description": "Sort certificates by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "name", + "subject_name", + "not_before", + "not_after" + ], + "x-enum-varnames": [ + "sort_name_certificates_name", + "sort_name_certificates_subject_name", + "sort_name_certificates_not_before", + "sort_name_certificates_not_after" + ] + } + } + }, + "CertificateParamObjectID": { + "name": "certificateObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/CertificateObjectID" + }, + "description": "A globally unique identifier for the certificate.\n", + "required": true + }, + "DeleteFromDataPlanesParamFlag": { + "name": "deleteFromDataPlanes", + "in": "query", + "schema": { + "type": "boolean" + }, + "description": "Flag indicating whether the certificate should be deleted from its associated data planes.\n" + }, + "FilterFieldCertificateDeployments": { + "name": "filter_fields", + "in": "query", + "description": "Filter options for certificate deployments; used in conjunction with other filter parameters having the same array length.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameCertificateDeployments" + } + } + }, + "SortNameCertificateDeployments": { + "name": "sort_certificate_deployments", + "in": "query", + "description": "Sort certificate deployments by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "name" + ], + "x-enum-varnames": [ + "sort_name_certificate_deployments_name" + ] + } + } + }, + "FilterFieldConfigSyncGroups": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings indicating which fields to filter by (for example, `name`, `config_status`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameConfigSyncGroups" + } + } + }, + "SortNameConfigSyncGroups": { + "name": "sort_config_sync_groups", + "in": "query", + "description": "Sort config sync groups by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "name" + ], + "x-enum-varnames": [ + "sort_name_config_sync_group_name" + ] + } + } + }, + "ConfigSyncGroupParamObjectID": { + "name": "configSyncGroupObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/ConfigSyncGroupObjectID" + }, + "description": "A globally unique identifier for the NGINX config sync group.\n", + "required": true + }, + "ConfigSyncGroupConfigurationParamObjectID": { + "name": "configSyncGroupConfigurationObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/NginxConfigObjectID" + }, + "description": "A globally unique identifier for the NGINX config sync group configuration.\n", + "required": true + }, + "PublicationParamObjectID": { + "name": "publicationObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/PublicationObjectID" + }, + "description": "A globally unique identifier for a Publication.\n", + "required": true + }, + "SortNameControlPlanes": { + "name": "sort_control_planes", + "in": "query", + "description": "Sort control planes by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "name" + ], + "x-enum-varnames": [ + "sort_name_control_plane_name" + ] + } + } + }, + "FilterFieldControlPlanes": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings. Identifies the fields to filter by (for example, `name`, `product`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameControlPlanes" + } + } + }, + "ControlPlaneParamObjectID": { + "name": "controlPlaneObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/ControlPlaneObjectID" + }, + "description": "A globally unique identifier for the control plane.\n", + "required": true + }, + "SortNameCVEs": { + "name": "sort_cves", + "in": "query", + "description": "Sort CVEs by the number of instances affected by that CVE.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "instance_count", + "severity", + "cve_id", + "published_at" + ], + "x-enum-varnames": [ + "sort_instance_count", + "sort_cve_severity", + "sort_cve_id", + "sort_published_at" + ] + } + } + }, + "NginxCVEParamID": { + "name": "nginxCVEID", + "in": "path", + "schema": { + "type": "string", + "pattern": "^\\d{4}-\\d{4,19}$" + }, + "description": "A globally unique identifier for NGINX CVE.\n", + "required": true + }, + "SortNameCVEImpactedInstances": { + "name": "sort_cve_impacted_instances", + "in": "query", + "description": "Sort the Instances that are affected by a CVE\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "hostname", + "status" + ], + "x-enum-varnames": [ + "sort_name_cve_impacted_instances_hostname", + "sort_name_cve_impacted_instances_status" + ] + } + } + }, + "FilterFieldEvents": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings indicating which fields to filter by (for example, `hostname`, `object_id`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameEvents" + } + } + }, + "EventParamObjectID": { + "name": "eventObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/EventObjectID" + }, + "description": "A globally unique identifier for an event.\n", + "required": true + }, + "FilterFieldInstances": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings indicating which fields to filter by (for example, `hostname`, `nginx_version`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameInstances" + } + } + }, + "SortNameInstances": { + "name": "sort_instances", + "in": "query", + "description": "Sort instances by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "hostname", + "status", + "last_reported" + ], + "x-enum-varnames": [ + "sort_name_instance_hostname", + "sort_name_instance_status", + "sort_name_instance_last_reported" + ] + } + } + }, + "InstanceParamObjectID": { + "name": "instanceObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/InstanceObjectID" + }, + "description": "A globally unique identifier for the NGINX instance.\n", + "required": true + }, + "InstanceConfigurationParamObjectID": { + "name": "instanceConfigurationObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/NginxConfigObjectID" + }, + "description": "A globally unique identifier for the NGINX instance configuration.\n", + "required": true + }, + "FilterFieldStagedConfigs": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings indicating which fields to filter by (for example, `name`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterStagedConfigs" + } + } + }, + "SortNameStagedConfigs": { + "name": "sort_staged_configs", + "in": "query", + "description": "Sort staged configs by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "name" + ], + "x-enum-varnames": [ + "sort_name_staged_config_name" + ] + } + } + }, + "StagedConfigParamObjectID": { + "name": "stagedConfigObjectID", + "in": "path", + "schema": { + "$ref": "#/components/schemas/StagedConfigObjectID" + }, + "description": "A globally unique identifier for the NGINX staged config.\n", + "required": true + }, + "SortNameNapPolicies": { + "name": "sort_nap_policies", + "in": "query", + "description": "Sort NGINX App Protect policies by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "name", + "deployment_count", + "enforcement_mode", + "last_deployed" + ], + "x-enum-varnames": [ + "sort_name_nap_policies_name", + "sort_name_nap_policies_deployment_count", + "sort_name_nap_policies_enforcement_mode", + "sort_name_nap_policies_last_deployed" + ] + } + } + }, + "FilterFieldNapPolicy": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings indicating which fields to filter by (for example, `name`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameNapPolicy" + } + } + }, + "NapPolicyParamObjectID": { + "name": "nap_policy_object_id", + "in": "path", + "schema": { + "$ref": "#/components/schemas/NapPolicyObjectID" + }, + "description": "A globally unique identifier for the App Protect policy.\n", + "required": true + }, + "SortNameNapPolicyDeployments": { + "name": "sort_nap_deployments", + "in": "query", + "description": "Sort NGINX App Protect deployments by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "name", + "type", + "policy_version", + "status", + "deployed_on", + "threat_campaign_version", + "attack_signature_version", + "bot_signature_version" + ], + "x-enum-varnames": [ + "sort_name_nap_policy_deployments_name", + "sort_name_nap_policy_deployments_type", + "sort_name_nap_policy_deployments_policy_version", + "sort_name_nap_policy_deployments_status", + "sort_name_nap_policy_deployments_deployed_on", + "sort_name_nap_policy_deployments_threat_campaign_version", + "sort_name_nap_policy_deployments_attack_signature_version", + "sort_name_nap_policy_deployments_bot_sigature_version" + ] + } + } + }, + "FilterFieldNapPolicyDeployment": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings indicating which fields to filter by (for example, `name`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameNapPolicyDeployment" + } + } + }, + "SortNameNapPolicyVersions": { + "name": "sort_nap_policy_versions", + "in": "query", + "description": "Sort NGINX App Protect policy versions by enumerate value(s). Ordinal position determines primary, secondary, etc.\n", + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "created_at", + "deployment_status", + "deployment_count", + "enforcement_mode" + ], + "x-enum-varnames": [ + "sort_name_nap_policy_versions_created_at", + "sort_name_nap_policy_versions_deployment_status", + "sort_name_nap_policy_versions_deployment_count", + "sort_name_nap_policy_versions_enforcement_mode" + ] + } + } + }, + "FilterFieldNapPolicyVersion": { + "name": "filter_fields", + "in": "query", + "description": "An array of strings indicating which fields to filter by (for example, `name`). This parameter works in conjunction with `filter_values` and `filter_ops`.\n", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterNameNapPolicyVersion" + } + } + }, + "NapPolicyVersionParamObjectID": { + "name": "nap_policy_version_object_id", + "in": "path", + "schema": { + "$ref": "#/components/schemas/NapPolicyVersionObjectID" + }, + "description": "A globally unique identifier for the App Protect policy version.\n", + "required": true + } + }, + "schemas": { + "FilterNameDataPlaneKeys": { + "type": "string", + "description": "Keywords for data plane key filters.\nWhen filtering on `status`, only the following `filter_values` are supported:\n * revoked\n * valid\n", + "enum": [ + "name", + "status", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_data_plane_key_name", + "filter_name_data_plane_key_status", + "filter_name_data_plane_key_object_id" + ] + }, + "FilterOperand": { + "type": "string", + "enum": [ + "IN" + ], + "x-enum-varnames": [ + "filter_operands_in" + ] + }, + "FilterOperands": { + "type": "array", + "items": { + "$ref": "#/components/schemas/FilterOperand" + } + }, + "PaginationResponse": { + "type": "object", + "description": "Outlines pagination details for list responses, including total results, start index, and items per page.", + "required": [ + "total", + "count" + ], + "properties": { + "total": { + "type": "integer", + "description": "The absolute total number of the resource in the NGINX One Console, ignoring any filter(s).\n" + }, + "count": { + "type": "integer", + "description": "The total number of results generated by the list or query operation, accounting for any filter(s).\nThis number can be greater than the number of returned resources when pagination is in effect and a page size limit (or maximum allowed) is reached.\n" + }, + "start_index": { + "type": "integer", + "description": "The first result's starting position in the list. This is disregarded when `paginated=false`.\n" + }, + "items_per_page": { + "type": "integer", + "description": "The number of items to display per page. This is disregarded when `paginated=false`.\n" + } + }, + "example": { + "total": 101, + "count": 1, + "start_index": 1, + "items_per_page": 100 + } + }, + "DataPlaneKeyObjectID": { + "description": "A globally unique identifier for the data plane key.", + "type": "string", + "format": "object_id", + "pattern": "^key_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "DataPlaneKey": { + "type": "object", + "description": "Represents a data plane key with details such as object_id, name, and timestamps.", + "required": [ + "object_id", + "name", + "revoked", + "expires_at", + "created_at", + "modified_at" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/DataPlaneKeyObjectID" + }, + "name": { + "description": "The name given to the data plane key.", + "type": "string" + }, + "revoked": { + "description": "Indicates whether the data plane key has been revoked or not.", + "type": "boolean" + }, + "revoked_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the data plane key was revoked." + }, + "expires_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the data plane key expires." + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the data plane key was created." + }, + "modified_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the data plane key was last modified." + }, + "instances_count": { + "type": "integer", + "description": "The number of registered instances using this data plane key. If field not populated, user should see the key has `unknown` key count" + }, + "control_planes_count": { + "type": "integer", + "description": "The number of observed control planes using this data plane key." + } + } + }, + "DataPlaneKeyListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of data plane keys.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of DataPlaneKey objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/DataPlaneKey" + } + } + } + } + ] + }, + "Error": { + "description": "This object contains details about the errors that are returned when API requests fail.", + "type": "object", + "required": [ + "message", + "request_id", + "timestamp" + ], + "properties": { + "message": { + "description": "The error message describing the problem.", + "type": "string" + }, + "request_id": { + "description": "The unique identifier of the API request that failed.", + "type": "string" + }, + "timestamp": { + "description": "The date and time (in UTC) when the error happened.", + "type": "string" + }, + "detail": { + "description": "Additional information about the error, if available.", + "type": "string" + } + } + }, + "DataPlaneKeyCreateRequest": { + "type": "object", + "description": "Request structure for creating a new data plane key.", + "required": [ + "name" + ], + "properties": { + "name": { + "description": "Give the data plane key a name so you can tell it apart from others.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "expires_at": { + "type": "string", + "format": "date-time", + "description": "Set an expiration date and time for the data plane key in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. \nIf an expiration date isn't specified, the key will expire one year after it's created. \n\nYou can use the _Update a data plane key_ endpoint to extend the expiration date.\nIt's not possible to update the expiration date once the data plane key has expired.\n" + } + } + }, + "DataPlaneKeyResponse": { + "type": "object", + "description": "Response structure containing details of the created or retrieved data plane key.", + "required": [ + "key", + "object_id", + "expires_at" + ], + "properties": { + "name": { + "description": "The name to be give to the new data plane key.", + "type": "string" + }, + "object_id": { + "$ref": "#/components/schemas/DataPlaneKeyObjectID" + }, + "key": { + "description": "The data plane key value. Save this key somewhere secure as it isn't saved and is shown only once.", + "type": "string" + }, + "expires_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the data plane key will expire." + } + } + }, + "BulkRequestAction": { + "type": "string", + "default": "modify", + "description": "Bulk action to perform:\n * `create` creates a new object given all required elements.\n * `modify` updates one or more elements of an existing object.\n * `delete` removes the existing object.\n", + "enum": [ + "create", + "modify", + "delete" + ], + "x-enum-varnames": [ + "bulk_action_create", + "bulk_action_modify", + "bulk_action_delete" + ] + }, + "DataPlaneKeyBulkRequestData": { + "type": "object", + "description": "Part of bulk operation on a data plane key, only `delete` is supported.", + "required": [ + "action", + "object_id" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/DataPlaneKeyObjectID" + }, + "action": { + "$ref": "#/components/schemas/BulkRequestAction" + } + }, + "example": { + "object_id": "key_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + } + }, + "DataPlaneKeyBulkRequest": { + "type": "array", + "items": { + "$ref": "#/components/schemas/DataPlaneKeyBulkRequestData" + }, + "minItems": 1, + "maxItems": 50, + "example": [ + { + "object_id": "key_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + }, + { + "object_id": "key_PL0c1XodRemmzVEjiXSsTg", + "action": "delete" + } + ] + }, + "ObjectID": { + "description": "A globally unique identifier.", + "type": "string", + "format": "object_id", + "pattern": "^\\w+_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "BulkRequestObjectStatus": { + "type": "object", + "required": [ + "outcome" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ObjectID" + }, + "name": { + "type": "string", + "description": "this is the user facing name of the object." + }, + "outcome": { + "type": "string", + "description": "This is the outcome that corresponds to the action.\n* deleted - the object deletion was processed, and the object was deleted.\n* accepted - the request was accepted, and will be processed.\n* failed - the request failed, see failure_reason for more details.\n* invalid - the request was invalid, see failure_reason for more details.\n", + "enum": [ + "deleted", + "accepted", + "failed", + "invalid" + ], + "x-enum-varnames": [ + "build_request_object_status_deleted", + "build_request_object_status_accepted", + "build_request_object_status_failed", + "build_request_object_status_invalid" + ] + }, + "failure_reason": { + "type": "string", + "description": "this is the failure reason populated when outcome is 'failed' or 'invalid'." + } + } + }, + "DataPlaneKeyBulkResponse": { + "description": "The data plane key bulk outcome.", + "type": "array", + "items": { + "$ref": "#/components/schemas/BulkRequestObjectStatus" + } + }, + "DataPlaneKeyUpdateRequest": { + "type": "object", + "description": "Request structure for updating an existing data plane key.", + "properties": { + "name": { + "description": "Give the data plane key a new name so you can tell it apart from others.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "expires_at": { + "type": "string", + "format": "date-time", + "description": "Adjust the expiration date and time for the data plane key in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. \n\nIt's not possible to update the expiration date once the data plane key has expired.\n" + } + } + }, + "FilterNameCertificates": { + "type": "string", + "description": "Keywords for certificates filters.\nWhen filtering on `management`, only the following `filter_values` are supported:\n * managed\n * unmanaged\nWhen filtering on `type`, only the following `filter_values` are supported:\n * cert_key\n * ca_bundle\n * unknown\nWhen filtering on `status`, only the following `filter_values` are supported:\n * valid\n * expiring\n * expired\n * not_ready\n", + "enum": [ + "name", + "management", + "type", + "subject_name", + "status", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_certificates_name", + "filter_name_certificates_management", + "filter_name_certificates_type", + "filter_name_certificates_subject_name", + "filter_name_certificates_status", + "filter_name_certificates_object_id" + ] + }, + "CertificateObjectID": { + "description": "A globally unique identifier for the certificates.", + "type": "string", + "format": "object_id", + "pattern": "^cert_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "CertificateManagement": { + "type": "string", + "description": "Management type:\n * `managed` - Certificate managed by NGINX One Console.\n * `unmanaged` - Certificate that only exists on a data plane instance, detected from its NGINX configuration.\n", + "enum": [ + "managed", + "unmanaged" + ], + "x-enum-varnames": [ + "certificate_management_managed", + "certificate_management_unmanaged" + ] + }, + "CertificateType": { + "type": "string", + "description": "Certificate type:\n * `ca_bundle` - This certificate object is a CA bundle.\n * `cert_key` - This certificate object is consisted of public certificates and key.\n * `unmanaged` - This certificate is not managed by NGINX One console and its type is unmanaged.\n", + "enum": [ + "ca_bundle", + "cert_key", + "unmanaged" + ], + "x-enum-varnames": [ + "certificate_type_ca_bundle", + "certificate_type_pem_cert_key", + "certificate_type_unmanaged" + ] + }, + "CertificateObjectMetadata": { + "required": [ + "management", + "type" + ], + "properties": { + "name": { + "description": "Name of the certificate, optionally specified upon creation", + "type": "string" + }, + "object_id": { + "$ref": "#/components/schemas/CertificateObjectID" + }, + "management": { + "$ref": "#/components/schemas/CertificateManagement" + }, + "type": { + "$ref": "#/components/schemas/CertificateType" + }, + "certs_count": { + "description": "The number of public certificates under this certificate object.", + "type": "integer", + "format": "int64" + } + }, + "example": { + "name": "example-ca-bundle", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw", + "management": "managed", + "type": "ca_bundle", + "certs_count": 5 + } + }, + "CertificateStatus": { + "type": "string", + "description": "Status of the certificate:\n * `valid` - The certificate is currently valid and operational.\n * `expiring` - The certificate will expire within the next 30 days. Consider renewing it to maintain uninterrupted service.\n * `expired` - The certificate is no longer valid. Immediate renewal is recommended to ensure secure connections.\n * `not_ready` - The certificate is not ready to be used, based on the start date of its validity period.\n", + "enum": [ + "valid", + "expiring", + "expired", + "not_ready" + ], + "x-enum-varnames": [ + "certificate_status_valid", + "certificate_status_expiring", + "certificate_status_expired", + "certificate_status_not_ready" + ] + }, + "CertificateDisplayMetadata": { + "description": "This represents the essential metadata of a public certificate.", + "type": "object", + "required": [ + "subject_name", + "status", + "not_before", + "not_after" + ], + "properties": { + "subject_name": { + "type": "string", + "example": "www.example.com", + "description": "DNS name that identifies the certificate. If DNS is not present in the SAN extension, this will be the common name.\n" + }, + "status": { + "$ref": "#/components/schemas/CertificateStatus" + }, + "not_before": { + "type": "string", + "format": "date-time", + "example": "2023-06-12T09:12:33.001Z", + "description": "The start of the validity period for the certificate." + }, + "not_after": { + "type": "string", + "format": "date-time", + "example": "2029-12-25T09:12:33.001Z", + "description": "The end of the validity period for the certificate." + } + }, + "example": { + "subject_name": "self_ca_signed", + "status": "valid", + "not_before": "2023-08-10T16:59:15Z", + "not_after": "2024-08-14T16:59:15Z" + } + }, + "CertificateOverviewMetadata": { + "description": "Represents an overview of all the public certificates under a single cert object.\nIf multiple public certificates on the same CA chain, including the leaf certificate and key are provided, \nthis includes `status`, `subject_name`, `not_before` and `not_after` for the leaf certificate.\nIf a CA bundle is provided, the above mentioned certificate metadata is for the Certificate Authority that\nexpires the soonest in the bundle.\n", + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/CertificateObjectMetadata" + }, + { + "$ref": "#/components/schemas/CertificateDisplayMetadata" + } + ], + "example": { + "name": "example-ca-bundle", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw", + "management": "managed", + "type": "ca_bundle", + "subject_name": "self_ca_signed", + "status": "valid", + "not_before": "2023-08-10T16:59:15Z", + "not_after": "2024-08-14T16:59:15Z", + "certs_count": 5 + } + }, + "CertificateListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of SSL certificates.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of basic metadata for all the SSL certificates in NGINX One Console. \nFor a CA bundle, an overview with metadata on the first Certificate Authority in the bundle will be displayed.\nOtherwise, an overview with metadata on the leaf certificate will be displayed.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/CertificateOverviewMetadata" + } + } + } + } + ], + "example": { + "total": 10, + "count": 2, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "name": "example-cert_key", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw", + "management": "managed", + "type": "cert_key", + "status": "valid", + "subject_name": "www.example.com", + "not_before": "2023-08-10T16:59:15Z", + "not_after": "2024-08-14T16:59:15Z", + "certs_count": 1 + }, + { + "name": "example-ca-bundle", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw", + "management": "managed", + "type": "ca_bundle", + "subject_name": "self_ca_signed", + "status": "valid", + "not_before": "2023-08-10T16:59:15Z", + "not_after": "2024-08-14T16:59:15Z", + "certs_count": 5 + } + ] + } + }, + "CertificateContent": { + "type": "object", + "description": "Defines the PEM-formatted certificate content which includes the certificates and corresponding private key, all encoded in base64.\n", + "required": [ + "public_certs" + ], + "properties": { + "public_certs": { + "type": "string", + "format": "base64", + "maxLength": 3145728, + "description": "Base64-encoded PEM-formatted certificate information. \nThe `public_certs` field can include a leaf certificate along with its full chain of trust or a CA bundle. \nFor leaf certificates, the accompanying `private_key` is required to authenticate the certificate's validity. \nCA bundles contain trusted CA certificates and may consist of certificates from different CA chains. A private\nkey should not be included in a CA bundle.\n" + }, + "private_key": { + "type": "string", + "format": "base64", + "maxLength": 3145728, + "description": "Base64-encoded private key string for the leaf certificate, required only for certificate-key pairs to \nverify the certificate's authenticity.\n" + } + }, + "example": { + "public_certs": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzb3lkdWVPQU5KSGh2TDN5dkpkVHBob2V2NUdPN2dvK0J5WU9PL2w1NHU1TzJQeE1lWCtBakFiNkF4bXEKbGl2SXVodz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==" + } + }, + "CertificateRequest": { + "type": "object", + "description": "Request structure for parsing or upserting certificates with an optional private key.\n", + "required": [ + "content" + ], + "properties": { + "name": { + "description": "A name for the certificate, making it identifiable among others.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "content": { + "$ref": "#/components/schemas/CertificateContent" + } + }, + "example": { + "name": "example-ca-bundle", + "content": { + "public_certs": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzb3lkdWVPQU5KSGh2TDN5dkpkVHBob2V2NUdPN2dvK0J5WU9PL2w1NHU1TzJQeE1lWCtBakFiNkF4bXEKbGl2SXVodz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==", + "private_key": "" + } + } + }, + "CertificateMetadata": { + "description": "A comprehensive list of all the metadata for a public certificate.", + "type": "object", + "required": [ + "status", + "serial_number", + "signature_algorithm", + "not_before", + "not_after", + "public_key_type", + "thumbprint" + ], + "properties": { + "status": { + "$ref": "#/components/schemas/CertificateStatus" + }, + "version": { + "type": "integer", + "format": "int64", + "example": 3, + "description": "The version of the certificate, typically 3 for X.509 certificates." + }, + "serial_number": { + "type": "string", + "example": "16469416336579571270", + "description": "A unique identifier for the certificate." + }, + "signature_algorithm": { + "type": "string", + "example": "SHA-256", + "description": "Identifies the algorithm used to sign the certificate." + }, + "issuer": { + "type": "string", + "example": "CN=Example CA, O=Certificate Authority Inc., OU=CA Department, L=City, ST=State, C=Country", + "description": "Identifies the entity who signed and issued the certificate." + }, + "not_before": { + "type": "string", + "format": "date-time", + "example": "2023-06-12T09:12:33.001Z", + "description": "The start of the validity period for the certificate." + }, + "not_after": { + "type": "string", + "format": "date-time", + "example": "2029-12-25T09:12:33.001Z", + "description": "The end of the validity period for the certificate." + }, + "subject": { + "type": "string", + "example": "CN=www.example.com, O=Example Inc., OU=IT Department, L=City, ST=State, C=Country", + "description": "Identifies the primary entity to which the certificate is issued. Typically, it contains information\nsuch as the Common Name (CN), Organization (O), Organizational Unit (OU), Country (C), etc.\n" + }, + "subject_alternative_name": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "DNS:www.example.com", + "DNS:example.com", + "email:info@example.com" + ], + "description": "Defines additional identifies bound to the subject of the certificate. \nFor example, the DNS name is used to add additional domain names to a certificate.\n" + }, + "public_key_type": { + "type": "string", + "example": "RSA (2048 Bits)", + "description": "Identifies the encryption algorithm used to create the public key for the certificate." + }, + "common_name": { + "type": "string", + "example": "www.example.com", + "description": "The Common Name (CN) for the certificate, used when DNS name is not present in the SAN extension.\n" + }, + "authority_key_identifier": { + "type": "string", + "example": "2B D0 69 47 94 76 09 FE F4 6B 8D 2E 40 A6 F7 47 4D 7F 08 5E", + "description": "The identifier of the signing authority for the certificate." + }, + "subject_key_identifier": { + "type": "string", + "example": "31 EA 76 A9 23 74 A5 DF D4 FD EE A0 C1 A6 9E C6 11 0E 11 EC", + "description": "A hash value of the SSL certificate that can be used to identify certificates that \ncontain a particular public key.\n" + }, + "thumbprint_algorithm": { + "type": "string", + "example": "SHA-1", + "description": "Defines the algorithm used to hash the certificate." + }, + "thumbprint": { + "type": "string", + "example": "E6 A7 87 96 E0 C7 A3 E5 43 78 35 CA 16 78 5B 48 5A A9 DD C4 5C CD 0A 65 AA 89 33 E3 C3 D0 89 71", + "description": "A hash to ensure that the certificate has not been modified." + } + }, + "example": { + "status": "valid", + "version": 3, + "serial_number": "71283929", + "signature_algorithm": "SHA256-RSA", + "issuer": "C=US, ST=WA, L=Seattle, O=F5 Networks, OU=nginx.test, CN=eg3bsriq_cert_bundle_CA", + "not_before": "2023-02-10T16:59:15Z", + "not_after": "2024-08-14T16:59:15Z", + "subject": "C=US, ST=WA, L=Seattle, O=F5 Networks, OU=nginx.test, CN=self_ca_signed", + "subject_alternative_name": [], + "public_key_type": "RSA (2048 bit)", + "common_name": "self_ca_signed", + "authority_key_identifier": "3A:79:E0:3E:61:CD:94:29:1D:BB:45:37:0B:E9:78:E9:2F:40:67:CA", + "subject_key_identifier": "93:35:2B:75:09:B9:FF:01:1B:63:F1:0E:50:71:9C:4E:B4:E2:02:BA", + "thumbprint_algorithm": "SHA-256", + "thumbprint": "C1:EB:E8:CE:35:77:63:75:D3:C0:E7:97:5F:02:8C:D3:D8:C4:12:34:40:45:D3:98:67:39:BE:8A:33:CE:1F:B2" + } + }, + "PrivateKeyMetadata": { + "type": "object", + "description": "Metadata for a private key.", + "properties": { + "key_size": { + "description": "Size of the private key in bits.", + "type": "integer", + "format": "int64" + }, + "encryption_algorithm": { + "description": "The encryption algorithm used for the private key.", + "type": "string" + } + }, + "example": { + "key_size": 512, + "encryption_algorithm": "RSA" + } + }, + "CertificateResponse": { + "type": "object", + "description": "Response structure containing details of the created, updated or retrieved SSL certificate. In general, \nthe response should contain:\n * an overview of all the public certificates\n * `warnings` whether any issue is found after parsing the certificates and key\n * `certs`\n * `key_metadata` if key provided in the request body\n * timestamps that represent when this cert object was created or modified\n", + "allOf": [ + { + "$ref": "#/components/schemas/CertificateOverviewMetadata" + }, + { + "type": "object", + "properties": { + "warnings": { + "type": "string", + "description": "Warnings indicate whether there are any issues with the stored cert object. Empty when no issues were found.\n" + }, + "certs": { + "description": "An array of metadata for all the public certificates under the cert object.", + "type": "array", + "items": { + "$ref": "#/components/schemas/CertificateMetadata" + } + }, + "key": { + "$ref": "#/components/schemas/PrivateKeyMetadata" + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the SSL certificate was created." + }, + "modified_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the SSL certificate was last modified." + } + } + } + ], + "example": { + "name": "example-cert_key", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw", + "management": "managed", + "type": "cert_key", + "status": "valid", + "subject_name": "www.example.com", + "not_before": "2023-08-10T16:59:15Z", + "not_after": "2024-08-14T16:59:15Z", + "warnings": "The provided private key does not match the certificate's signing key.", + "certs_count": 1, + "certs": [ + { + "status": "valid", + "version": 3, + "serial_number": "71283929", + "signature_algorithm": "SHA256-RSA", + "issuer": "C=US, ST=WA, L=Seattle, O=F5 Networks, OU=nginx.test, CN=eg3bsriq_cert_A", + "not_before": "2023-02-10T16:59:15Z", + "not_after": "2024-08-14T16:59:15Z", + "subject": "C=US, ST=WA, L=Seattle, O=F5 Networks, OU=nginx.test, CN=eg3bsriq_cert_B", + "subject_alternative_name": [], + "public_key_type": "RSA (2048 bit)", + "common_name": "eg3bsriq_cert_B", + "authority_key_identifier": "3A:79:E0:3E:61:CD:94:29:1D:BB:45:37:0B:E9:78:E9:2F:40:67:CA", + "subject_key_identifier": "93:35:2B:75:09:B9:FF:01:1B:63:F1:0E:50:71:9C:4E:B4:E2:02:BA", + "thumbprint_algorithm": "SHA-256", + "thumbprint": "C1:EB:E8:CE:35:77:63:75:D3:C0:E7:97:5F:02:8C:D3:D8:C4:12:34:40:45:D3:98:67:39:BE:8A:33:CE:1F:B2" + } + ], + "key": { + "key_size": 512, + "encryption_algorithm": "RSA" + }, + "modified_at": "2023-11-01T00:00:00Z", + "created_at": "2023-10-01T00:00:00Z" + } + }, + "PublicationBulkResponse": { + "description": "The publication bulk operation outcome.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/BulkRequestObjectStatus" + } + }, + "CertificateUpdateContent": { + "type": "object", + "description": "Defines the PEM-formatted certificate content which includes the certificates and corresponding private key, all encoded in base64.\n", + "properties": { + "public_certs": { + "type": "string", + "format": "base64", + "maxLength": 3145728, + "description": "Base64-encoded PEM-formatted certificate information. \nThis is used for updating an existing certificate object. The schema is the same as `CertificateContent`,\nthe only difference is that both `public_certs` and `private_key` fields are optional. There are three use\ncases for this schema:\n* the below update can be done on either a Cert Key Pair or a CA Bundle:\n * when only `public_certs` is populated, update the public certificates on a certificate object. \n The updated public certificates will be validated against the existing private key.\n* the below update can be done only on a Cert Key Pair:\n * when only `private_key` is populated, update only the private key on a certificate object. \n The updated private key will be validated against the existing public certificates.\n * when both `public_certs` and `private_key` fields are populated, update both of them on a certificate \n object.\n" + }, + "private_key": { + "type": "string", + "format": "base64", + "maxLength": 3145728, + "description": "Base64-encoded private key string for the leaf certificate, required only for certificate-key pairs to \nverify the certificate's authenticity.\n" + } + }, + "example": { + "private_key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFM295ZHVlT0FOSkhodkwzeXZKZFRwaG9ldjVHTzdnbytCeVlPTy9sNTR1NU8yUHhNZVgrQWpBYjZBeG1xCmxpdkl1aHc9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0t" + } + }, + "CertificateUpdateRequest": { + "type": "object", + "description": "Request structure for updating a certificate object. If key provided, it will be validated against the \nexisting leaf certificate stored under the certificate object.\n* Update for an unmanaged certificate object:\n * This converts the unmanaged certificate object to managed.\n * `public_certs` should always be provided during the conversion.\n * When key is provided, this certificate object is converted to a managed Cert Key Pair. Otherwise, it is\n converted to a managed CA Bundle.\n", + "properties": { + "name": { + "description": "A name for the certificate, making it identifiable among others.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "content": { + "$ref": "#/components/schemas/CertificateUpdateContent" + } + }, + "example": { + "name": "example-cert-object", + "content": { + "public_certs": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzb3lkdWVPQU5KSGh2TDN5dkpkVHBob2V2NUdPN2dvK0J5WU9PL2w1NHU1TzJQeE1lWCtBakFiNkF4bXEKbGl2SXVodz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==" + } + } + }, + "FilterNameCertificateDeployments": { + "type": "string", + "description": "Keywords for certificate deployment filters.\nWhen filtering on `association_type`, only the following `filter_values` are supported:\n * instance\n * config_sync_group\nWhen filtering on `deployment_status`, only the following `filter_values` are supported:\n * latest\n * stale\n", + "enum": [ + "name", + "association_type", + "deployment_status" + ], + "x-enum-varnames": [ + "filter_name_certificate_deployments_name", + "filter_name_certificate_deployments_association_type", + "filter_name_certificate_deployments_deployment_status" + ] + }, + "DeploymentAssociatedType": { + "type": "string", + "description": "The type of the deployment association, with the following values:\n * `instance`\n * `config_sync_group`\n", + "enum": [ + "instance", + "config_sync_group" + ], + "x-enum-varnames": [ + "deployment_associated_type_instance", + "deployment_associated_type_config_sync_group" + ] + }, + "DeploymentAssociatedName": { + "type": "string", + "description": "Based on deployment type:\n * `instance`\n * `config_sync_group`\n" + }, + "CertificateDeploymentStatus": { + "type": "string", + "description": "Certificate deployment status:\n * `latest` - This certificate deployment is up to date with the latest certificates and key.\n * `stale` - This certificate deployment is outdated and needs to deploy the latest certificates and key.\n * `unmanaged` - This certificate deployment is unmanaged by NGINX One Console.\n", + "enum": [ + "latest", + "stale", + "unmanaged" + ], + "x-enum-varnames": [ + "certificate_deployment_status_latest", + "certificate_deployment_status_stale", + "certificate_deployment_status_unmanaged" + ] + }, + "CertificateDeployment": { + "type": "object", + "description": "Response structure containing certificate deployment details for an SSL certificate, which include\n * `association_type` represents type of the object affected by this certificate deployment, which is either\n an instance or config sync group\n * `object_id` represents the object ID for the associated instance or config sync group\n * `name` for either the host name of an instance or the name of a config sync group\n * `deployment_status`:\n * `latest`: deployment is up to date with the latest updated certificate and key contents\n * `stale`: deployment for either certificates or key is outdated, requires a redeployment with the latest contents\n * `cert_paths` represents the file paths used for deploying public certificates of this certificate object\n * `key_paths` represents the file paths used for deploying the private key of this certificate object, if a\n private key is present\n", + "required": [ + "association_type", + "object_id", + "name", + "deployment_status" + ], + "properties": { + "association_type": { + "$ref": "#/components/schemas/DeploymentAssociatedType" + }, + "object_id": { + "$ref": "#/components/schemas/ObjectID" + }, + "name": { + "$ref": "#/components/schemas/DeploymentAssociatedName" + }, + "deployment_status": { + "$ref": "#/components/schemas/CertificateDeploymentStatus" + }, + "cert_paths": { + "description": "Deployment file paths for public certificates.", + "type": "array", + "items": { + "type": "string" + } + }, + "key_paths": { + "description": "Deployment file paths for the private key.", + "type": "array", + "items": { + "type": "string" + } + } + }, + "example": { + "association_type": "instance", + "name": "instance-host-name", + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "deployment_status": "latest", + "cert_paths": [ + "/etc/nginx/example.crt", + "/etc/nginx/certs/cert.crt" + ], + "key_paths": [ + "/etc/nginx/example.key" + ] + } + }, + "CertificateDeploymentListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of certificate deployments for a SSL certificate.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of certificate deployments for an SSL certificate. If this certificate object represents a \nCA bundle, there will be only public certificate file paths in the certificate deployment details.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/CertificateDeployment" + } + } + } + } + ], + "example": { + "total": 10, + "count": 2, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "association_type": "instance", + "name": "instance-host-name", + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "deployment_status": "latest", + "cert_paths": [ + "/etc/nginx/example.crt", + "/etc/nginx/certs/cert.crt" + ], + "key_paths": [ + "/etc/nginx/example.key" + ] + }, + { + "association_type": "config_sync_group", + "name": "group1", + "object_id": "csg_vfr5Oqv-AhxGzyqTXW-Ubw", + "deployment_status": "stale", + "cert_paths": [ + "/etc/nginx/cert.crt" + ], + "key_paths": [ + "/etc/nginx/server.key" + ] + } + ] + } + }, + "FilterNameConfigSyncGroups": { + "type": "string", + "description": "Keywords for config sync groups filters.\nWhen filtering on `config_status`, only the following `filter_values` are supported:\n * in_sync\n * out_of_sync\n * sync_in_progress\n * unknown\n", + "enum": [ + "name", + "config_status", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_config_sync_group_name", + "filter_name_config_sync_group_config_status", + "filter_name_config_sync_group_object_id" + ] + }, + "ConfigSyncGroupObjectID": { + "description": "A globally unique identifier for the NGINX config sync group.", + "type": "string", + "format": "object_id", + "pattern": "^csg_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "ConfigSyncStatus": { + "type": "string", + "description": "The current config sync status of the NGINX config sync group, with the following possible values:\n* `unknown` - The status cannot be determined at this moment.\n* `in_sync` - All NGINX instances in config sync group have same config as indicated by config_version.\n* `out_of_sync` - Some NGINX instances in config sync group have config different than indicated by config_version.\n* `sync_in_progress` - The operation of applying config_version to all NGINX instances in config sync group is in progress.\n", + "enum": [ + "unknown", + "in_sync", + "out_of_sync", + "sync_in_progress" + ], + "x-enum-varnames": [ + "nginx_config_sync_group_config_status_unknown", + "nginx_config_sync_group_config_status_in_sync", + "nginx_config_sync_group_config_status_out_of_sync", + "nginx_config_sync_group_config_status_in_progress" + ] + }, + "CertificateInstanceSummary": { + "description": "A breakdown and tally of certificates, detailing the total count, number of expired certificates, certificates nearing expiration, and those that are valid.", + "type": "object", + "required": [ + "total", + "expired", + "expiring", + "valid", + "not_ready" + ], + "properties": { + "total": { + "description": "Total count of certificates across the NGINX data plane.", + "type": "integer" + }, + "expired": { + "description": "The number of certificates that have expired and are no longer valid.", + "type": "integer" + }, + "expiring": { + "description": "The number of certificates due to expire in the next 30 days.", + "type": "integer" + }, + "valid": { + "description": "The number of certificates that are valid and in good standing.", + "type": "integer" + }, + "not_ready": { + "description": "The number of certificates that are not ready to be used.", + "type": "integer" + } + } + }, + "ListConfigSyncGroupObject": { + "type": "object", + "description": "Summary information of the NGINX config sync group.", + "required": [ + "object_id", + "name", + "created_at", + "instances_count", + "config_status" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ConfigSyncGroupObjectID" + }, + "name": { + "description": "Name of the NGINX config sync group.", + "type": "string" + }, + "created_at": { + "description": "The date and time when the config sync group was created.", + "type": "string", + "format": "date-time" + }, + "instances_count": { + "description": "Number of instances in the NGINX config sync group.", + "type": "integer" + }, + "config_status": { + "$ref": "#/components/schemas/ConfigSyncStatus" + }, + "cert_summary": { + "$ref": "#/components/schemas/CertificateInstanceSummary" + } + } + }, + "ConfigSyncGroupListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of NGINX config sync groups.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of Config Sync Group objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/ListConfigSyncGroupObject" + } + } + } + } + ], + "example": { + "total": 10, + "count": 1, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "object_id": "csg_-uvR3F2TQGm18jnl7bpaGw", + "name": "test-config-sync-group", + "created_at": "2023-12-05T22:30:20.220114Z", + "config_status": "in_sync", + "instances_count": 1 + } + ] + } + }, + "ConfigSyncGroupCreateRequest": { + "description": "Body to create a NGINX config sync group.", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "A name to uniquely identify the NGINX config sync group in a given tenant namespace.", + "minLength": 1, + "maxLength": 256 + } + }, + "example": { + "name": "my-nginx-config-sync-group" + } + }, + "ConfigSyncGroupCreateResponse": { + "description": "Response to a create NGINX config sync group request.", + "required": [ + "object_id", + "name" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ConfigSyncGroupObjectID" + }, + "name": { + "description": "Name of the NGINX config sync group.", + "type": "string" + } + }, + "example": { + "name": "my-nginx-config-sync-group", + "object_id": "csg_Tet21AeYTHCj7taOwVfzyw" + } + }, + "ConfigSyncGroupBulkRequestData": { + "type": "object", + "description": "Part of bulk operation on a config sync group, only `delete` is supported.", + "required": [ + "action", + "object_id" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ConfigSyncGroupObjectID" + }, + "action": { + "$ref": "#/components/schemas/BulkRequestAction" + } + }, + "example": { + "object_id": "csg_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + } + }, + "ConfigSyncGroupBulkRequest": { + "type": "array", + "items": { + "$ref": "#/components/schemas/ConfigSyncGroupBulkRequestData" + }, + "minItems": 1, + "maxItems": 50, + "example": [ + { + "object_id": "csg_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + }, + { + "object_id": "csg_PL0c1XodRemmzVEjiXSsTg", + "action": "delete" + } + ] + }, + "ConfigSyncGroupBulkResponse": { + "description": "The config sync group bulk outcome.", + "type": "array", + "items": { + "$ref": "#/components/schemas/BulkRequestObjectStatus" + } + }, + "ConfigSyncGroupMeta": { + "type": "object", + "description": "Meta information of the NGINX config sync group including:\n* NGINX config sync group object ID\n* unique name of the config sync group in the tenant namespace\n* last publication timestamp\n", + "required": [ + "object_id", + "name", + "created_at" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ConfigSyncGroupObjectID" + }, + "name": { + "description": "Name of the NGINX config sync group.", + "type": "string" + }, + "last_publication": { + "description": "The date and time of the most recent config sync group publication.", + "type": "string", + "format": "date-time" + }, + "created_at": { + "description": "The date and time when the config sync group was created.", + "type": "string", + "format": "date-time" + } + }, + "example": { + "object_id": "csg_-uvR3F2TQGm18jnl7bpaGw", + "name": "test-config-sync-group", + "last_publication": "2023-12-06T22:37:24.120114Z", + "created_at": "2023-12-05T22:30:20.220114Z" + } + }, + "InstanceObjectID": { + "description": "A globally unique identifier for the NGINX instance.", + "type": "string", + "format": "object_id", + "pattern": "^inst_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "NginxBuild": { + "description": "The build details for the NGINX binary, including its configuration parameters.\n", + "type": "object", + "required": [ + "version" + ], + "properties": { + "version": { + "description": "The version number of the base open-source NGINX.", + "type": "string" + }, + "plus_release": { + "description": "The NGINX Plus release version, if applicable.", + "type": "string" + }, + "conf_path": { + "description": "The absolute path to the NGINX configuration, as set by the `--conf-path` option during build time.", + "type": "string" + } + } + }, + "NginxAppProtectVersions": { + "description": "Version information regarding NGINX App Protect.\n", + "type": "object", + "required": [ + "engine_version" + ], + "properties": { + "release_version": { + "description": "The release version of NGINX App Protect.", + "type": "string" + }, + "engine_version": { + "description": "The version of the App Protect enforcement engine.", + "type": "string" + } + } + }, + "NginxAppProtectDeploymentCounts": { + "type": "object", + "description": "Summary count of NAP policy version deployment statues.", + "required": [ + "total", + "deployed", + "deploying", + "failed" + ], + "properties": { + "total": { + "description": "Total count of NAP policy versions across the NGINX data plane.", + "type": "integer" + }, + "deployed": { + "description": "The number of NAP policy versions that have deployed.", + "type": "integer" + }, + "deploying": { + "description": "The number of NAP policy versions that are deploying.", + "type": "integer" + }, + "failed": { + "description": "The number of NAP policy versions that have failed deployment.", + "type": "integer" + } + } + }, + "NginxAppProtectSummary": { + "description": "Summary information regarding NGINX App Protect.\n", + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/NginxAppProtectVersions" + }, + { + "type": "object", + "required": [ + "deployments" + ], + "properties": { + "deployments": { + "$ref": "#/components/schemas/NginxAppProtectDeploymentCounts" + } + } + } + ] + }, + "CveSeverityType": { + "type": "string", + "description": "Severity ratings:\n * `high` - High severity.\n * `medium` - Moderate severity.\n * `low` - Least severe.\n * `none` - Not severe.\n * `other` - Severity that does not fit the other categories.\n", + "enum": [ + "high", + "medium", + "low", + "none", + "other" + ], + "x-enum-varnames": [ + "cve_severity_type_high", + "cve_severity_type_medium", + "cve_severity_type_low", + "cve_severity_type_none", + "cve_severity_type_other" + ] + }, + "CveDetails": { + "description": "CVEs details, including the type and count.\n", + "type": "object", + "required": [ + "type", + "count" + ], + "properties": { + "type": { + "$ref": "#/components/schemas/CveSeverityType" + }, + "count": { + "description": "The total number of each CVE type.", + "type": "integer" + } + } + }, + "RecommendationType": { + "type": "string", + "description": "Types of configuration recommendations:\n * `best_practice` - Suggestions based on established best practices.\n * `security` - Recommendations related to security.\n * `optimization` - Advice for optimizing performance.\n * `other` - Recommendations that do not fit the above categories.\n", + "enum": [ + "best_practice", + "security", + "optimization", + "other" + ], + "x-enum-varnames": [ + "recommendation_type_best_practice", + "recommendation_type_security", + "recommendation_type_optimization", + "recommendation_type_other" + ] + }, + "IssueDetails": { + "description": "Issue details, including the type and count.\n", + "type": "object", + "required": [ + "type", + "count" + ], + "properties": { + "type": { + "$ref": "#/components/schemas/RecommendationType" + }, + "count": { + "description": "The total number of issues identified for the specific recommendation type.", + "type": "integer" + } + } + }, + "ControlPlaneObjectID": { + "description": "A globally unique identifier for the control plane.", + "type": "string", + "format": "object_id", + "pattern": "^ecp_.*", + "x-go-type": "objects.ID" + }, + "ControlPlaneBaseInfo": { + "type": "object", + "description": "Base information of a control plane, which includes name, product version and optionally an object ID.", + "required": [ + "name", + "product_version", + "created_at" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ControlPlaneObjectID" + }, + "name": { + "description": "Control plane name.", + "type": "string" + }, + "product_version": { + "description": "Control plane product name and version.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the control plane was created." + } + } + }, + "Instance": { + "type": "object", + "description": "Summary information about a NGINX instance.", + "required": [ + "object_id", + "hostname", + "system_id", + "agent_version", + "registered_at", + "last_reported", + "status" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/InstanceObjectID" + }, + "hostname": { + "description": "The name of the host system where the NGINX instance is running.", + "type": "string" + }, + "system_id": { + "description": "The unique identifier assigned to the host system by the NGINX Agent.", + "type": "string" + }, + "nginx_id": { + "description": "The unique identifier for the NGINX process on the host system, assigned by the NGINX Agent.", + "type": "string" + }, + "agent_version": { + "description": "The version of the NGINX Agent.", + "type": "string" + }, + "key_object_id": { + "$ref": "#/components/schemas/DataPlaneKeyObjectID" + }, + "nginx_build": { + "$ref": "#/components/schemas/NginxBuild" + }, + "os_version": { + "description": "The operating system's name and its and version or codename.\n", + "type": "string", + "example": "ubuntu_jammy" + }, + "nginx_app_protect": { + "$ref": "#/components/schemas/NginxAppProtectSummary" + }, + "registered_at": { + "description": "The date and time when the NGINX instance first registered with NGINX One.", + "type": "string", + "format": "date-time" + }, + "last_reported": { + "description": "The date and time of the most recent report received from the NGINX Agent.", + "type": "string", + "format": "date-time" + }, + "status": { + "type": "string", + "description": "The current operational status of the NGINX instance, with the following possible values:\n* `unknown` - The status of the NGINX instance cannot be determined at this moment.\n* `unavailable` - The NGINX Agent has lost connection to NGINX One, rendering the NGINX instance unavailable.\n* `offline` - The NGINX Agent is connected to NGINX One, but the NGINX instance is offline.\n* `online` - The NGINX Agent is connected to NGINX One, and the NGINX instance is online.\n", + "enum": [ + "unknown", + "unavailable", + "offline", + "online" + ] + }, + "cert_summary": { + "$ref": "#/components/schemas/CertificateInstanceSummary" + }, + "cve_severity": { + "type": "array", + "description": "An array summarizing identified Common Vulnerabilities and Exposures (CVEs) across the NGINX data plane.", + "items": { + "$ref": "#/components/schemas/CveDetails" + } + }, + "recommendations": { + "type": "array", + "description": "An array summarizing the suggestions from the configuration analysis report.", + "items": { + "$ref": "#/components/schemas/IssueDetails" + } + }, + "control_plane": { + "$ref": "#/components/schemas/ControlPlaneBaseInfo" + } + } + }, + "ConfigSyncGroupInstance": { + "allOf": [ + { + "$ref": "#/components/schemas/Instance" + }, + { + "type": "object", + "required": [ + "config_status", + "config_version" + ], + "properties": { + "config_status": { + "$ref": "#/components/schemas/ConfigSyncStatus" + }, + "config_version": { + "description": "A computed hash of current config on the config sync group.", + "type": "string" + } + } + } + ] + }, + "ConfigSyncGroupPublicationStatus": { + "type": "string", + "description": "The status on the last publication issued on this config sync group:\n* `pending` - The publication request has been accepted and is currently processing.\n* `failed` - The publication attempt failed.\n* `succeeded` - The publication was successful.\n* `partially_succeeded` - The publication attempt had one or more failures.\n", + "enum": [ + "pending", + "failed", + "succeeded", + "partially_succeeded" + ], + "x-enum-varnames": [ + "publication_config_sync_group_status_pending", + "publication_config_sync_group_status_failed", + "publication_config_sync_group_status_succeeded", + "publication_config_sync_group_status_partially_succeeded" + ] + }, + "CertAssociation": { + "type": "object", + "description": "Details for a certificate that's associated with an instance or a config sync group.", + "required": [ + "name", + "object_id", + "cert_type", + "subject_name", + "not_before", + "not_after", + "cert_status", + "deployment_status" + ], + "properties": { + "name": { + "type": "string", + "description": "A friendly name for the certificate." + }, + "object_id": { + "$ref": "#/components/schemas/CertificateObjectID" + }, + "cert_type": { + "$ref": "#/components/schemas/CertificateType" + }, + "cert_paths": { + "type": "array", + "description": "The list of file system paths where the certificate file is installed. \nSince a single certificate file may be applied in multiple contexts, all relevant paths are included.\n", + "example": [ + "/etc/ssl/cert.pem", + "/etc/ssl/cert.crt" + ], + "items": { + "type": "string" + } + }, + "key_paths": { + "type": "array", + "description": "The list of file system paths where the private key file is installed.\nSince a single key file may be applied in multiple contexts, all relevant paths are included.\n", + "example": [ + "/etc/nginx/key.pem", + "/etc/ssl/server.key" + ], + "items": { + "type": "string" + } + }, + "deployment_status": { + "$ref": "#/components/schemas/CertificateDeploymentStatus" + }, + "subject_name": { + "type": "string", + "description": "Hostname or domain for the certificate. Usually the subject-alt-name (SAN) value for the certificate.\nif SAN is not present, this will be the certificate subject's common name.\n", + "example": "nginx.com" + }, + "cert_status": { + "$ref": "#/components/schemas/CertificateStatus" + }, + "not_before": { + "type": "string", + "format": "date-time", + "description": "the effective date of the certificate." + }, + "not_after": { + "type": "string", + "format": "date-time", + "description": "The expiration date for the certificate." + } + } + }, + "NapPolicyObjectID": { + "description": "A globally unique identifier for the App Protect policy.", + "type": "string", + "format": "object_id", + "pattern": "^pol_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "NapPolicyVersionObjectID": { + "description": "A globally unique identifier for the App Protect policy version.", + "type": "string", + "format": "object_id", + "pattern": "^pv_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "PublicationObjectID": { + "description": "A globally unique identifier for the publication.", + "type": "string", + "format": "object_id", + "example": "pub_72pGHoGsSICL_THZrs964g", + "pattern": "^pub_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "NapPolicyEnforcementMode": { + "description": "The current enforcement mode of the NGINX App Protect policy, with the following possible values:\n* `blocking` - Any illegal or suspicious requests are logged and blocked.\n* `transparent` - Any illegal or suspicious requests are logged but not blocked.\n", + "type": "string", + "enum": [ + "blocking", + "transparent" + ], + "x-enum-varnames": [ + "nap_enforcement_mode_blocking", + "nap_enforcement_mode_transparent" + ] + }, + "NapDeploymentStatus": { + "description": "The current enforcement mode of the NGINX App Protect policy, with the following possible values:\n* `deployed` - The NGINX App Protect policy has been deployed.\n* `not_deployed` - The NGINX App Protect policy has not been deployed.\n* `deploying` - The NGINX App Protect policy is currently being deployed.\n* `failed` - The NGINX App Protect policy failed deploying.\n", + "type": "string", + "enum": [ + "deployed", + "not_deployed", + "deploying", + "failed" + ], + "x-enum-varnames": [ + "nap_deployment_status_deployed", + "nap_deployment_status_not_deployed", + "nap_deployment_status_deploying", + "nap_deployment_status_failed" + ] + }, + "NapAssociation": { + "description": "Details for a NGINX App Protect policy version that's associated with an instance or a config sync group.", + "required": [ + "name", + "version", + "policy_object_id", + "policy_version_object_id", + "paths", + "deployment_status", + "publication_object_id", + "deployed_on", + "enforcement_mode" + ], + "properties": { + "name": { + "type": "string", + "description": "Name of the policy at the time of the deployment." + }, + "version": { + "type": "string", + "description": "Version of the policy at the time of the deployment." + }, + "policy_object_id": { + "$ref": "#/components/schemas/NapPolicyObjectID" + }, + "policy_version_object_id": { + "$ref": "#/components/schemas/NapPolicyVersionObjectID" + }, + "publication_object_id": { + "$ref": "#/components/schemas/PublicationObjectID" + }, + "enforcement_mode": { + "$ref": "#/components/schemas/NapPolicyEnforcementMode" + }, + "paths": { + "type": "array", + "description": "The list of file system paths where the compiled NAP policy version bundle file is installed. \nSince a single compiled NAP policy version bundle file may be applied in multiple contexts, all relevant paths are included.\n", + "example": [ + "/etc/nginx/default_policy.tgz", + "/etc/nginx/default_policy_server_2.tgz" + ], + "items": { + "type": "string" + } + }, + "deployment_status": { + "$ref": "#/components/schemas/NapDeploymentStatus" + }, + "deployed_on": { + "description": "Date and time of the deployment.", + "type": "string", + "format": "date-time" + } + }, + "example": { + "name": "default_policy", + "version": "2025.05.01", + "policy_object_id": "pol_panEdeY-Sh2rWm365y7wsw", + "policy_version_object_id": "pv_kem7SCosTTOL9mMlNyY2GQ", + "publication_object_id": "pub_72pGHoGsSICL_THZrs964g", + "paths": [ + "/etc/nginx/default_policy.tgz" + ], + "deployment_status": "deployed", + "enforcement_mode": "transparent", + "deployed_on": "2023-12-06T22:37:24.120114Z" + } + }, + "ConfigSyncGroup": { + "allOf": [ + { + "$ref": "#/components/schemas/ConfigSyncGroupMeta" + }, + { + "type": "object", + "description": "Additional information of the NGINX config sync group including:\n* config sync status\n* config checksum\n* instances\n* last known publication status\n* certs associated with this config sync group\n", + "properties": { + "config_status": { + "$ref": "#/components/schemas/ConfigSyncStatus" + }, + "config_version": { + "description": "A computed hash of current config on the config sync group.", + "type": "string" + }, + "instances": { + "description": "An array of Instance objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/ConfigSyncGroupInstance" + } + }, + "last_publication_status": { + "$ref": "#/components/schemas/ConfigSyncGroupPublicationStatus" + }, + "certs": { + "description": "An array detailing each certificate's information, including its friendly name, unique identifier, applicable file system paths, subject name, and validity dates. \nIt provides insights into the operational status of each certificate, such as whether it's currently valid, nearing expiration, is not ready to be used, or has already expired.\nThe deployment status indicates whether the latest certs and key managed by NGINX One Console are deployed onto the data plane instances that are part of this config sync group.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/CertAssociation" + } + }, + "nginx_app_protect": { + "type": "object", + "required": [ + "deployments" + ], + "properties": { + "deployments": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NapAssociation" + } + } + } + } + } + } + ], + "example": { + "object_id": "csg_-uvR3F2TQGm18jnl7bpaGw", + "name": "test-config-sync-group", + "created_at": "2023-12-06T22:37:24.120114Z", + "config_status": "in_sync", + "config_version": "uvR3F2TQGm18jnl7bpaGw", + "instances": [ + { + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "hostname": "816e3c194d59", + "system_id": "6066aad2-211e-3718-be5d-fcc01ffc5cc8", + "agent_version": "v2.33.0", + "registered_at": "2024-05-16T18:26:40.556048Z", + "last_reported": "2023-12-06T22:37:24.120114Z", + "status": "unavailable", + "nginx_build": { + "conf_path": "/etc/nginx/nginx.conf", + "version": "1.25.3" + }, + "os_version": "Ubuntu 22.04", + "nginx_id": "b636d4376dea15405589692d3c5d3869ff3a9b26b0e7bb4bb1aa7e658ace1437", + "config_status": "in_sync", + "config_version": "abc123def456" + } + ], + "certs": [ + { + "subject_name": "test.com", + "name": "client", + "cert_type": "cert_key", + "not_after": "2024-01-06T00:01:30Z", + "not_before": "2023-12-07T00:01:30Z", + "cert_paths": [ + "/etc/nginx/client.pem" + ], + "cert_status": "expiring", + "deployment_status": "latest", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw" + } + ] + } + }, + "ConfigSyncGroupDetails": { + "type": "object", + "description": "Detailed information of the NGINX config sync group.", + "allOf": [ + { + "$ref": "#/components/schemas/ConfigSyncGroup" + } + ] + }, + "ConfigPath": { + "type": "string", + "minLength": 1, + "maxLength": 4096, + "description": "The full path to the main NGINX configuration file. This corresponds to the `--conf-path` parameter used in the NGINX binary.\n", + "example": "/etc/nginx/nginx.conf." + }, + "FileData": { + "type": "object", + "description": "Details about a file, including its path, content, size, and last modified time.", + "required": [ + "name", + "contents", + "size", + "mtime" + ], + "properties": { + "name": { + "type": "string", + "description": "The file's relative path to the parent directory.", + "minLength": 1, + "maxLength": 4096 + }, + "contents": { + "type": "string", + "format": "byte", + "description": "The base64-encoded contents of the file.", + "maxLength": 3145728 + }, + "size": { + "type": "integer", + "description": "The size of the file, in bytes." + }, + "mtime": { + "type": "string", + "format": "date-time", + "description": "Timestamp of the last modification made to the file." + } + } + }, + "DirectoryWithFileContent": { + "type": "object", + "description": "Represents a directory and its contents, detailing the directory's full path, assigned permissions, last modified time, and the files within it.", + "required": [ + "name", + "files" + ], + "properties": { + "name": { + "type": "string", + "description": "The complete path of the directory." + }, + "permissions": { + "type": "string", + "description": "The permissions for the directory." + }, + "mtime": { + "type": "string", + "description": "The date and time when the directory was last modified.", + "format": "date-time" + }, + "files": { + "type": "array", + "description": "The list of files in the directory.", + "items": { + "$ref": "#/components/schemas/FileData" + } + } + } + }, + "NginxConfigObject": { + "type": "object", + "description": "Details of an NGINX configuration, the main configuration path, and the configuration directories.\n", + "required": [ + "conf_path", + "configs" + ], + "properties": { + "config_version": { + "type": "string", + "description": "A hash that uniquely identifies the contents of the config object. Can be used to detect change when updating the NginxConfig.\n" + }, + "conf_path": { + "$ref": "#/components/schemas/ConfigPath" + }, + "configs": { + "type": "array", + "description": "An array of directories containing NGINX configuration files.", + "items": { + "$ref": "#/components/schemas/DirectoryWithFileContent" + } + }, + "aux": { + "type": "array", + "description": "An array of auxiliary directory contents related to the NGINX configuration.", + "items": { + "$ref": "#/components/schemas/DirectoryWithFileContent" + } + } + }, + "example": { + "aux": [], + "conf_path": "/etc/nginx/nginx.conf", + "configs": [ + { + "files": [ + { + "contents": "Cm1hcCAkdXJpICRtYXBwZWRfc2VydmljZSB7CiAgICBkZWZhdWx0IFVOTUFUQ0hFRDsKICAgICJ+Xi9hcGkvdjEvbmFtZXNwYWNlcy9cdysvaW5zdGFuY2VzIiAgICAgICAgaW5zdGFuY2VzLXN2YzsKICAgICJ+Xi9hcGkvdjEvbmFtZXNwYWNlcy9cdysvZGF0YS1wbGFuZS1rZXlzIiAga2V5cy1zdmM7CiAgICAifl4vYXBpL3YxL25hbWVzcGFjZXMvXHcrL21vbml0b3IiICAgICAgICAgIG1vbml0b3Itc3ZjOwp9Cgp1cHN0cmVhbSBpbnN0YW5jZXMtc3ZjIHsKICAgIHNlcnZlciBpbnN0YW5jZXMtc3ZjOjgwODA7Cn0KCnVwc3RyZWFtIGtleXMtc3ZjIHsKICAgIHNlcnZlciBrZXlzLXN2Yzo4MDkwOwp9Cgp1cHN0cmVhbSBkYXRhcGxhbmUtY3RybCB7CiAgICBzZXJ2ZXIgZGF0YXBsYW5lLWN0cmw6ODA4MDsKfQoKdXBzdHJlYW0gbW9uaXRvci1zdmMgewogICAgc2VydmVyIG1vbml0b3Itc3ZjOjgwODA7Cn0KCnVwc3RyZWFtIG1ldHJpY3MtaW5nZXN0IHsKICAgIHNlcnZlciBtZXRyaWNzLWluZ2VzdDo4MDgwOwp9CgpzZXJ2ZXIgewogICAgbGlzdGVuIDg4ODg7CiAgICBzZXJ2ZXJfbmFtZSBfOwogICAgaHR0cDIgb247CgogICAgcHJveHlfcGFzc19yZXF1ZXN0X2hlYWRlcnMgb247CiAgICByZXdyaXRlICJeL2FwaS8obmdpbngvb25lfHYxKS8oLiopJCIgIi9hcGkvdjEvJDIiIGJyZWFrOwogICAgbG9jYXRpb24gL2FwaS92MS8gewogICAgICAgIGlmICgkbWFwcGVkX3NlcnZpY2UgPSAiVU5NQVRDSEVEIikgewogICAgICAgICAgICByZXR1cm4gNDA0ICd7ImVycm9yOiAiTm90IGZvdW5kIn0nOwogICAgICAgIH0KICAgICAgICBwcm94eV9wYXNzX2hlYWRlciBYLVZvbHRlcnJhLUFwaWd3LVRlbmFudDsKICAgICAgICBwcm94eV9wYXNzIGh0dHA6Ly8kbWFwcGVkX3NlcnZpY2U7CiAgICB9CgogICAgIyBnUlBDIHNlcnZpY2UgZm9yIGRhdGFwbGFuZS1jdHJsCiAgICBsb2NhdGlvbiAvZjUubmdpbnguYWdlbnQuc2RrLkNvbW1hbmRlciB7CiAgICAgICAgZ3JwY19zb2NrZXRfa2VlcGFsaXZlIG9uOwogICAgICAgIGdycGNfcmVhZF90aW1lb3V0IDVtOwogICAgICAgIGdycGNfc2VuZF90aW1lb3V0IDVtOwogICAgICAgIGNsaWVudF9ib2R5X3RpbWVvdXQgMTBtOwogICAgICAgIGdycGNfcGFzcyBncnBjOi8vZGF0YXBsYW5lLWN0cmw7CiAgICB9CgogICAgIyBnUlBDIHNlcnZpY2UgZm9yIG1ldHJpY3MgaW5nZXN0aW9uCiAgICBsb2NhdGlvbiAvZjUubmdpbnguYWdlbnQuc2RrLk1ldHJpY3NTZXJ2aWNlIHsKICAgICAgICBncnBjX3NvY2tldF9rZWVwYWxpdmUgb247CiAgICAgICAgZ3JwY19yZWFkX3RpbWVvdXQgNW07CiAgICAgICAgZ3JwY19zZW5kX3RpbWVvdXQgNW07CiAgICAgICAgY2xpZW50X2JvZHlfdGltZW91dCAxMG07CiAgICAgICAgY2xpZW50X21heF9ib2R5X3NpemUgMDsKICAgICAgICBncnBjX3Bhc3MgZ3JwYzovL21ldHJpY3MtaW5nZXN0OwogICAgfQp9CgojIHByb3h5IHRvIHRoZSBtYW5hZ2VtZW50IHNlcnZlcnMKc2VydmVyIHsKICAgIGxpc3RlbiAxNTAwMDsKICAgIHNlcnZlcl9uYW1lIF87CiAgICAjIHVzZSBkb2NrZXIgRE5TCiAgICByZXNvbHZlciAxMjcuMC4wLjExIHZhbGlkPTMwczsKCiAgICAjIG1hdGNoIC88c2VydmljZT4vPG1nbXQgZW5kcG9pbnQ+CiAgICBsb2NhdGlvbiB+Xi8oW14vXSspLyguKykkIHsKICAgICAgICBwcm94eV9wYXNzIGh0dHA6Ly8kMToxNTAwMC8kMjsKICAgIH0KCiAgICBsb2NhdGlvbiAvIHsKICAgICAgICBhZGRfaGVhZGVyICJDb250ZW50LVR5cGUiICJ0ZXh0L2h0bWwiOwogICAgICAgIHJldHVybiAyMDAgIjxwPkFjY2VzcyB0aGUgbWFuYWdlbWVudCBzZXJ2ZXIgb2YgYW55IHNlcnZpY2Ugd2l0aCBVUkxzIGxpa2UgPGNvZGU+aHR0cDovL2xvY2FsaG9zdDoxNTAwMC8mbHQ7U0VSVklDRV9OQU1FJmd0Oy9tZXRyaWNzPC9jb2RlPjwvcD4iOwogICAgfQp9Cg==", + "mtime": "1970-01-01T00:00:00Z", + "name": "default.conf", + "size": 1942 + } + ], + "name": "/etc/nginx/conf.d" + }, + { + "files": [ + { + "contents": "CnVzZXIgIG5naW54Owp3b3JrZXJfcHJvY2Vzc2VzICBhdXRvOwoKZXJyb3JfbG9nICAvdmFyL2xvZy9uZ2lueC9lcnJvci5sb2cgbm90aWNlOwpwaWQgICAgICAgIC92YXIvcnVuL25naW54LnBpZDsKCgpldmVudHMgewogICAgd29ya2VyX2Nvbm5lY3Rpb25zICAxMDI0Owp9CgoKaHR0cCB7CiAgICBpbmNsdWRlICAgICAgIC9ldGMvbmdpbngvbWltZS50eXBlczsKICAgIGRlZmF1bHRfdHlwZSAgYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtOwoKICAgIGxvZ19mb3JtYXQgIG1haW4gICckcmVtb3RlX2FkZHIgLSAkcmVtb3RlX3VzZXIgWyR0aW1lX2xvY2FsXSAiJHJlcXVlc3QiICcKICAgICAgICAgICAgICAgICAgICAgICckc3RhdHVzICRib2R5X2J5dGVzX3NlbnQgIiRodHRwX3JlZmVyZXIiICcKICAgICAgICAgICAgICAgICAgICAgICciJGh0dHBfdXNlcl9hZ2VudCIgIiRodHRwX3hfZm9yd2FyZGVkX2ZvciInOwoKICAgIGFjY2Vzc19sb2cgIC92YXIvbG9nL25naW54L2FjY2Vzcy5sb2cgIG1haW47CgogICAgc2VuZGZpbGUgICAgICAgIG9uOwogICAgI3RjcF9ub3B1c2ggICAgIG9uOwoKICAgIGtlZXBhbGl2ZV90aW1lb3V0ICA2NTsKCiAgICAjZ3ppcCAgb247CgogICAgaW5jbHVkZSAvZXRjL25naW54L2NvbmYuZC8qLmNvbmY7Cn0K", + "mtime": "1970-01-01T00:00:00Z", + "name": "nginx.conf", + "size": 648 + }, + { + "contents": "CnR5cGVzIHsKICAgIHRleHQvaHRtbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBodG1sIGh0bSBzaHRtbDsKICAgIHRleHQvY3NzICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjc3M7CiAgICB0ZXh0L3htbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeG1sOwogICAgaW1hZ2UvZ2lmICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdpZjsKICAgIGltYWdlL2pwZWcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBqcGVnIGpwZzsKICAgIGFwcGxpY2F0aW9uL2phdmFzY3JpcHQgICAgICAgICAgICAgICAgICAgICAgICAgICBqczsKICAgIGFwcGxpY2F0aW9uL2F0b20reG1sICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdG9tOwogICAgYXBwbGljYXRpb24vcnNzK3htbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJzczsKCiAgICB0ZXh0L21hdGhtbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgbW1sOwogICAgdGV4dC9wbGFpbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHR4dDsKICAgIHRleHQvdm5kLnN1bi5qMm1lLmFwcC1kZXNjcmlwdG9yICAgICAgICAgICAgICAgICBqYWQ7CiAgICB0ZXh0L3ZuZC53YXAud21sICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd21sOwogICAgdGV4dC94LWNvbXBvbmVudCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGh0YzsKCiAgICBpbWFnZS9hdmlmICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXZpZjsKICAgIGltYWdlL3BuZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBwbmc7CiAgICBpbWFnZS9zdmcreG1sICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgc3ZnIHN2Z3o7CiAgICBpbWFnZS90aWZmICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGlmIHRpZmY7CiAgICBpbWFnZS92bmQud2FwLndibXAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2JtcDsKICAgIGltYWdlL3dlYnAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJwOwogICAgaW1hZ2UveC1pY29uICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGljbzsKICAgIGltYWdlL3gtam5nICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBqbmc7CiAgICBpbWFnZS94LW1zLWJtcCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYm1wOwoKICAgIGZvbnQvd29mZiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB3b2ZmOwogICAgZm9udC93b2ZmMiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdvZmYyOwoKICAgIGFwcGxpY2F0aW9uL2phdmEtYXJjaGl2ZSAgICAgICAgICAgICAgICAgICAgICAgICBqYXIgd2FyIGVhcjsKICAgIGFwcGxpY2F0aW9uL2pzb24gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBqc29uOwogICAgYXBwbGljYXRpb24vbWFjLWJpbmhleDQwICAgICAgICAgICAgICAgICAgICAgICAgIGhxeDsKICAgIGFwcGxpY2F0aW9uL21zd29yZCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2M7CiAgICBhcHBsaWNhdGlvbi9wZGYgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcGRmOwogICAgYXBwbGljYXRpb24vcG9zdHNjcmlwdCAgICAgICAgICAgICAgICAgICAgICAgICAgIHBzIGVwcyBhaTsKICAgIGFwcGxpY2F0aW9uL3J0ZiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBydGY7CiAgICBhcHBsaWNhdGlvbi92bmQuYXBwbGUubXBlZ3VybCAgICAgICAgICAgICAgICAgICAgbTN1ODsKICAgIGFwcGxpY2F0aW9uL3ZuZC5nb29nbGUtZWFydGgua21sK3htbCAgICAgICAgICAgICBrbWw7CiAgICBhcHBsaWNhdGlvbi92bmQuZ29vZ2xlLWVhcnRoLmtteiAgICAgICAgICAgICAgICAga216OwogICAgYXBwbGljYXRpb24vdm5kLm1zLWV4Y2VsICAgICAgICAgICAgICAgICAgICAgICAgIHhsczsKICAgIGFwcGxpY2F0aW9uL3ZuZC5tcy1mb250b2JqZWN0ICAgICAgICAgICAgICAgICAgICBlb3Q7CiAgICBhcHBsaWNhdGlvbi92bmQubXMtcG93ZXJwb2ludCAgICAgICAgICAgICAgICAgICAgcHB0OwogICAgYXBwbGljYXRpb24vdm5kLm9hc2lzLm9wZW5kb2N1bWVudC5ncmFwaGljcyAgICAgIG9kZzsKICAgIGFwcGxpY2F0aW9uL3ZuZC5vYXNpcy5vcGVuZG9jdW1lbnQucHJlc2VudGF0aW9uICBvZHA7CiAgICBhcHBsaWNhdGlvbi92bmQub2FzaXMub3BlbmRvY3VtZW50LnNwcmVhZHNoZWV0ICAgb2RzOwogICAgYXBwbGljYXRpb24vdm5kLm9hc2lzLm9wZW5kb2N1bWVudC50ZXh0ICAgICAgICAgIG9kdDsKICAgIGFwcGxpY2F0aW9uL3ZuZC5vcGVueG1sZm9ybWF0cy1vZmZpY2Vkb2N1bWVudC5wcmVzZW50YXRpb25tbC5wcmVzZW50YXRpb24KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBwcHR4OwogICAgYXBwbGljYXRpb24vdm5kLm9wZW54bWxmb3JtYXRzLW9mZmljZWRvY3VtZW50LnNwcmVhZHNoZWV0bWwuc2hlZXQKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB4bHN4OwogICAgYXBwbGljYXRpb24vdm5kLm9wZW54bWxmb3JtYXRzLW9mZmljZWRvY3VtZW50LndvcmRwcm9jZXNzaW5nbWwuZG9jdW1lbnQKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N4OwogICAgYXBwbGljYXRpb24vdm5kLndhcC53bWxjICAgICAgICAgICAgICAgICAgICAgICAgIHdtbGM7CiAgICBhcHBsaWNhdGlvbi93YXNtICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2FzbTsKICAgIGFwcGxpY2F0aW9uL3gtN3otY29tcHJlc3NlZCAgICAgICAgICAgICAgICAgICAgICA3ejsKICAgIGFwcGxpY2F0aW9uL3gtY29jb2EgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjY287CiAgICBhcHBsaWNhdGlvbi94LWphdmEtYXJjaGl2ZS1kaWZmICAgICAgICAgICAgICAgICAgamFyZGlmZjsKICAgIGFwcGxpY2F0aW9uL3gtamF2YS1qbmxwLWZpbGUgICAgICAgICAgICAgICAgICAgICBqbmxwOwogICAgYXBwbGljYXRpb24veC1tYWtlc2VsZiAgICAgICAgICAgICAgICAgICAgICAgICAgIHJ1bjsKICAgIGFwcGxpY2F0aW9uL3gtcGVybCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBwbCBwbTsKICAgIGFwcGxpY2F0aW9uL3gtcGlsb3QgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBwcmMgcGRiOwogICAgYXBwbGljYXRpb24veC1yYXItY29tcHJlc3NlZCAgICAgICAgICAgICAgICAgICAgIHJhcjsKICAgIGFwcGxpY2F0aW9uL3gtcmVkaGF0LXBhY2thZ2UtbWFuYWdlciAgICAgICAgICAgICBycG07CiAgICBhcHBsaWNhdGlvbi94LXNlYSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2VhOwogICAgYXBwbGljYXRpb24veC1zaG9ja3dhdmUtZmxhc2ggICAgICAgICAgICAgICAgICAgIHN3ZjsKICAgIGFwcGxpY2F0aW9uL3gtc3R1ZmZpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBzaXQ7CiAgICBhcHBsaWNhdGlvbi94LXRjbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGNsIHRrOwogICAgYXBwbGljYXRpb24veC14NTA5LWNhLWNlcnQgICAgICAgICAgICAgICAgICAgICAgIGRlciBwZW0gY3J0OwogICAgYXBwbGljYXRpb24veC14cGluc3RhbGwgICAgICAgICAgICAgICAgICAgICAgICAgIHhwaTsKICAgIGFwcGxpY2F0aW9uL3hodG1sK3htbCAgICAgICAgICAgICAgICAgICAgICAgICAgICB4aHRtbDsKICAgIGFwcGxpY2F0aW9uL3hzcGYreG1sICAgICAgICAgICAgICAgICAgICAgICAgICAgICB4c3BmOwogICAgYXBwbGljYXRpb24vemlwICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHppcDsKCiAgICBhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0gICAgICAgICAgICAgICAgICAgICAgICAgYmluIGV4ZSBkbGw7CiAgICBhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0gICAgICAgICAgICAgICAgICAgICAgICAgZGViOwogICAgYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtICAgICAgICAgICAgICAgICAgICAgICAgIGRtZzsKICAgIGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbSAgICAgICAgICAgICAgICAgICAgICAgICBpc28gaW1nOwogICAgYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtICAgICAgICAgICAgICAgICAgICAgICAgIG1zaSBtc3AgbXNtOwoKICAgIGF1ZGlvL21pZGkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBtaWQgbWlkaSBrYXI7CiAgICBhdWRpby9tcGVnICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgbXAzOwogICAgYXVkaW8vb2dnICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9nZzsKICAgIGF1ZGlvL3gtbTRhICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBtNGE7CiAgICBhdWRpby94LXJlYWxhdWRpbyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcmE7CgogICAgdmlkZW8vM2dwcCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDNncHAgM2dwOwogICAgdmlkZW8vbXAydCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRzOwogICAgdmlkZW8vbXA0ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG1wNDsKICAgIHZpZGVvL21wZWcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBtcGVnIG1wZzsKICAgIHZpZGVvL3F1aWNrdGltZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBtb3Y7CiAgICB2aWRlby93ZWJtICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2VibTsKICAgIHZpZGVvL3gtZmx2ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBmbHY7CiAgICB2aWRlby94LW00diAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgbTR2OwogICAgdmlkZW8veC1tbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG1uZzsKICAgIHZpZGVvL3gtbXMtYXNmICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhc3ggYXNmOwogICAgdmlkZW8veC1tcy13bXYgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdtdjsKICAgIHZpZGVvL3gtbXN2aWRlbyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdmk7Cn0K", + "mtime": "1970-01-01T00:00:00Z", + "name": "mime.types", + "size": 5349 + } + ], + "name": "/etc/nginx" + } + ] + } + }, + "NginxConfigObjectID": { + "description": "A globally unique identifier for the NGINX Config object.", + "type": "string", + "format": "object_id", + "pattern": "^nc_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "PayloadObjectID": { + "description": "A globally unique identifier for the valid payload object reference.", + "type": "string", + "format": "object_id", + "pattern": "^(cert|pv)_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "NginxConfigPayload": { + "type": "object", + "description": "Details of Aux File Payload that goes with an NGINX configuration. Provide hints for the backend system on \nadditional file contents that should be part of the NGINX Config Publication.\nCan be used to deploy files related to SSL certificates, to a data plane instance.\n", + "required": [ + "type", + "paths" + ], + "properties": { + "type": { + "type": "string", + "description": "Types of Aux File Payload:\n - inline_secret - indicates the provided content for the payload should be stored in a secret location, and removed after the publication is done.\n - inline_content - indicates the provided content for the payload should be stored, and removed after the publication is done. Note, the contents may end up in the `aux` content if used in this NGINX configuration.\n - unmanaged_certificate - indicates certificate content for an unmanaged certificate detected from a data plane instance through NGINX configurations. Will be filtered and ignored in the payload deployment.\n - managed_certificate - indicates public certificates managed by NGINX One Console.\n - managed_key - indicates a private key managed by NGINX One Console.\n - nap_policy_version - indicates a version of NAP policy managed by NGINX One Console. A valid policy_version object\n", + "enum": [ + "inline_secret", + "inline_content", + "unmanaged_certificate", + "managed_certificate", + "managed_key", + "nap_policy_version" + ], + "x-enum-varnames": [ + "nginx_config_payload_inline_secret", + "nginx_config_payload_inline_content", + "nginx_config_payload_unmanaged_certificate", + "nginx_config_payload_managed_certificate", + "nginx_config_payload_managed_key", + "nginx_config_payload_nap_policy_version" + ] + }, + "contents": { + "type": "string", + "format": "base64", + "description": "The base64-encoded contents of the file.", + "maxLength": 3145728 + }, + "object_id": { + "$ref": "#/components/schemas/PayloadObjectID" + }, + "paths": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "example": { + "type": "inline_content", + "contents": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURUVENDQWpXZ0F3SUJBZ0lVVkcycitidUwwRk83U1FVeUtoVkNTN3YyRHZZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd05qRVNNQkFHQTFVRUF3d0piRzlqWVd4b2IzTjBNUk13RVFZRFZRUUtEQXBPUjBsT1dDQkpibU11TVFzdwpDUVlEVlFRR0V3SlZVekFlRncweU5EQTBNall5TURVeE5ERmFGdzB5TkRBME1qY3lNRFV4TkRGYU1EWXhFakFRCkJnTlZCQU1NQ1d4dlkyRnNhRzl6ZERFVE1CRUdBMVVFQ2d3S1RrZEpUbGdnU1c1akxqRUxNQWtHQTFVRUJoTUMKVlZNd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMyb0FJVU9HMkxGMFVGclpMeQp5aWhZRjBZWjdYTWFYZnZ4dWJMYVZZdUdJNjlYN1FQRUJtUXp2OXdod25aUktDUExDZHVCNG04Y0o3Q3BGenRHCldPYVFMbmNxVVA4RFU1aHlQeFBSbmZUdFFBcUdiMDJRZ1RVQXY1QkpJMFZheGhCcnNaemd0KzgyM3ZoTTZTUHcKMGdSc1NZRlFpKzVDWW9MMWZNSWdhS0N2Ri9zZGl5cHZFQ0JDZVZyTWZFZ0pGSVJBQ1kvdFBzdEsvTkxwKzlmawppZ3hFMlYxcldoSGdvRmhZRm5YYnVqM2RIMHJLai9DVlM5anZMMk9vRTlvenM5MkRVLytySGJ6eFR3QndVQjBzCmVPS2hPY2d2cENyTVlSUWxUUlhmWVJmV0NLN2Q2Mk1JR3kvajcvV1VieDFOYzl4MjJzUitydVRlZkxnRTA2NWgKMldDZkFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCUnZnamkxWlByZlVBMnRlWlRMUGE0djlzdHFXakFmQmdOVgpIU01FR0RBV2dCUnZnamkxWlByZlVBMnRlWlRMUGE0djlzdHFXakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElCQVFCNC9VM3lrMFYzMTFNRFQvaEttbFJ4MWRqalRyMlhIQnVEcXZYY3BIRTQKVDJwZ0xnWURwN2tmUTQrdnlHWUt1cndEc0F1VDhEZCtUUUZLZEIraEFGRzMyazlxS1RyY1ZCZ2tNSjIwQitvWQp4T2diWW5zVnpiTDhXL0hOR3BlbDkrbThwYURtMGRXNzhMUit5UnJleDVlY2pjYWlZMDg3b0dHNlJDeWhyUVd4CkpkdkFvNlU1ejl3TnVhNmMyNlY2cy84Yit6SkJWektGZ0tQNVVGL2lIcGJVNW1QcVMwWlk4ckhRLzZPTHRGRjgKZ1J2UUlRZjZLSjRmOXlUOFBYSHBIdGJCMzEzaWh2Z09wWW9la3lIWTZaSmllTWhkd0J4MzB1N3d2Uy9POEluYwpsZWZzTkxUcWFTM2JWdldLeUFaVlZyenFtU043aGh4QWZrc0RZelBFbkF3OAotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t", + "paths": [ + "/etc/nginx/ssl/server.crt" + ] + } + }, + "NginxConfigPayloads": { + "type": "array", + "description": "An array of payloads that track the file paths of each SSL certificates and key, indicating where to deploy\nthem onto the data plane instance.\n* If the `type` is `managed_certificate` or `managed_key`, you need to specify an `object_id`.\n * The `object_id` must represent a managed certificate object, or a `400 Bad Request` is returned. \n * The `contents` field is optional and is ignored if included.\n* The NGINX One Console manages deployed file paths only for managed certificates and keys. If you don't want \nthem to be managed by NGINX One Console, `inline_content` and `inline_secret` can be used for certificates or \nkeys, respectively. When you retrieve certificate deployment details, only the file paths of managed \ncertificates and keys will be shown.\n* If you use `inline_content` and `inline_secret` in your NGINX configuration, the NGINX One Console \nwill detect them. When they are used as SSL directives of the NGINX configuration \nfor certificates and keys, the certificates will be listed as `unmanaged_certificate` in the certificate \ndeployment details.\n", + "items": { + "$ref": "#/components/schemas/NginxConfigPayload" + }, + "example": [ + { + "type": "managed_certificate", + "object_id": "cert_rto8NYiCQputrIasNx2NOA", + "paths": [ + "/etc/nginx/cert.pem" + ] + }, + { + "type": "managed_key", + "object_id": "cert_rto8NYiCQputrIasNx2NOA", + "paths": [ + "/etc/nginx/key.pem" + ] + }, + { + "type": "inline_content", + "contents": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURUVENDQWpXZ0F3SUJBZ0lVVkcycitidUwwRk83U1FVeUtoVkNTN3YyRHZZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd05qRVNNQkFHQTFVRUF3d0piRzlqWVd4b2IzTjBNUk13RVFZRFZRUUtEQXBPUjBsT1dDQkpibU11TVFzdwpDUVlEVlFRR0V3SlZVekFlRncweU5EQTBNall5TURVeE5ERmFGdzB5TkRBME1qY3lNRFV4TkRGYU1EWXhFakFRCkJnTlZCQU1NQ1d4dlkyRnNhRzl6ZERFVE1CRUdBMVVFQ2d3S1RrZEpUbGdnU1c1akxqRUxNQWtHQTFVRUJoTUMKVlZNd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMyb0FJVU9HMkxGMFVGclpMeQp5aWhZRjBZWjdYTWFYZnZ4dWJMYVZZdUdJNjlYN1FQRUJtUXp2OXdod25aUktDUExDZHVCNG04Y0o3Q3BGenRHCldPYVFMbmNxVVA4RFU1aHlQeFBSbmZUdFFBcUdiMDJRZ1RVQXY1QkpJMFZheGhCcnNaemd0KzgyM3ZoTTZTUHcKMGdSc1NZRlFpKzVDWW9MMWZNSWdhS0N2Ri9zZGl5cHZFQ0JDZVZyTWZFZ0pGSVJBQ1kvdFBzdEsvTkxwKzlmawppZ3hFMlYxcldoSGdvRmhZRm5YYnVqM2RIMHJLai9DVlM5anZMMk9vRTlvenM5MkRVLytySGJ6eFR3QndVQjBzCmVPS2hPY2d2cENyTVlSUWxUUlhmWVJmV0NLN2Q2Mk1JR3kvajcvV1VieDFOYzl4MjJzUitydVRlZkxnRTA2NWgKMldDZkFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCUnZnamkxWlByZlVBMnRlWlRMUGE0djlzdHFXakFmQmdOVgpIU01FR0RBV2dCUnZnamkxWlByZlVBMnRlWlRMUGE0djlzdHFXakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElCQVFCNC9VM3lrMFYzMTFNRFQvaEttbFJ4MWRqalRyMlhIQnVEcXZYY3BIRTQKVDJwZ0xnWURwN2tmUTQrdnlHWUt1cndEc0F1VDhEZCtUUUZLZEIraEFGRzMyazlxS1RyY1ZCZ2tNSjIwQitvWQp4T2diWW5zVnpiTDhXL0hOR3BlbDkrbThwYURtMGRXNzhMUit5UnJleDVlY2pjYWlZMDg3b0dHNlJDeWhyUVd4CkpkdkFvNlU1ejl3TnVhNmMyNlY2cy84Yit6SkJWektGZ0tQNVVGL2lIcGJVNW1QcVMwWlk4ckhRLzZPTHRGRjgKZ1J2UUlRZjZLSjRmOXlUOFBYSHBIdGJCMzEzaWh2Z09wWW9la3lIWTZaSmllTWhkd0J4MzB1N3d2Uy9POEluYwpsZWZzTkxUcWFTM2JWdldLeUFaVlZyenFtU043aGh4QWZrc0RZelBFbkF3OAotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t", + "paths": [ + "/etc/nginx/inline_cert.crt" + ] + } + ] + }, + "NginxConfig": { + "description": "Details of an NGINX configuration, including its unique identifier, the main configuration path, the \nconfiguration directories, and the NGINX configuration payloads that indicate where managed SSL certificates\nand keys were deployed to on the data plane instance.\n", + "allOf": [ + { + "$ref": "#/components/schemas/NginxConfigObject" + }, + { + "type": "object", + "required": [ + "object_id" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/NginxConfigObjectID" + }, + "payloads": { + "$ref": "#/components/schemas/NginxConfigPayloads" + } + } + } + ] + }, + "FileDataRequest": { + "type": "object", + "description": "Details about a file, name, and content.", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The file's relative path to the parent directory, absolute path also accepted.", + "minLength": 1, + "maxLength": 4096 + }, + "contents": { + "type": "string", + "format": "byte", + "description": "The base64-encoded contents of the file.", + "maxLength": 3145728 + } + } + }, + "DirectoryRequestWithFileContent": { + "type": "object", + "description": "Represents a directory and its contents, detailing the directory's full path, and the files within it.", + "required": [ + "name", + "files" + ], + "properties": { + "name": { + "type": "string", + "minLength": 1, + "description": "The complete path of the directory." + }, + "files": { + "type": "array", + "description": "The list of files in the directory.", + "items": { + "$ref": "#/components/schemas/FileDataRequest" + } + } + } + }, + "NginxConfigObjectRequest": { + "type": "object", + "description": "Details of an NGINX configuration, the main configuration path, and the configuration directories.\n", + "required": [ + "conf_path", + "configs" + ], + "properties": { + "config_version": { + "type": "string", + "description": "A hash that uniquely identifies the contents of the config object. Can be used to detect change when updating the NginxConfig.\n" + }, + "conf_path": { + "$ref": "#/components/schemas/ConfigPath" + }, + "configs": { + "type": "array", + "description": "An array of directories containing NGINX configuration files.", + "items": { + "$ref": "#/components/schemas/DirectoryRequestWithFileContent" + } + }, + "aux": { + "type": "array", + "description": "An array of auxiliary directory contents related to the NGINX configuration. When auxiliary contents are\nprovided, they become the authoritative source of non-NGINX configuration content. Please ensure the\nprovided contents are complete, missing files that are referenced in the NGINX configuration can cause\nNGINX reload failure. When not provided, the previous known auxiliary contents will be used as part of\npublish.\n", + "items": { + "$ref": "#/components/schemas/DirectoryRequestWithFileContent" + } + } + } + }, + "NginxConfigRequest": { + "allOf": [ + { + "$ref": "#/components/schemas/NginxConfigObjectRequest" + }, + { + "type": "object", + "properties": { + "payloads": { + "$ref": "#/components/schemas/NginxConfigPayloads" + } + } + } + ] + }, + "PublicationStatusCause": { + "description": "Cause of the failure, provided only if the status is `failed`.", + "type": "object", + "properties": { + "cause": { + "description": "Cause of the failure, detailed as follows:\n* `unknown` - The reason for the failure is not known.\n* `timeout` - The publication request reached its time limit without receiving a response from the NGINX Agent.\n* `remote` - The NGINX Agent reported a failure when trying to apply the configuration. See the message for more details.\n", + "type": "string", + "enum": [ + "unknown", + "timeout", + "remote" + ], + "x-enum-varnames": [ + "publication_instance_status_cause_unknown", + "publication_instance_status_cause_timeout", + "publication_instance_status_cause_remote" + ] + }, + "message": { + "type": "string", + "description": "more specific failure message from the agent." + } + } + }, + "ConfigSyncGroupPublicationStatusReason": { + "allOf": [ + { + "$ref": "#/components/schemas/PublicationStatusCause" + }, + { + "type": "object", + "required": [ + "object_id" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/InstanceObjectID" + } + } + } + ] + }, + "ConfigSyncGroupPublication": { + "description": "Details of a publication request for the NGINX config sync group.", + "required": [ + "status", + "created_at", + "modified_at" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/PublicationObjectID" + }, + "status": { + "$ref": "#/components/schemas/ConfigSyncGroupPublicationStatus" + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the publication was created for the instance." + }, + "modified_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the publication was last modified for the instance." + }, + "status_reasons": { + "description": "Detailed failure reasons on each instance's publication, when 'status' is in 'failed' or 'partially_succeeded'", + "type": "array", + "items": { + "$ref": "#/components/schemas/ConfigSyncGroupPublicationStatusReason" + } + }, + "config_version": { + "type": "string", + "description": "A hash that uniquely identifies the contents of the config object in the publication.\n" + } + }, + "example": { + "config_version": "fc3bb4b50c145b3ca5c5d1342be5ec0718eeb9bb84f8d53c5734b6b8", + "created_at": "2024-05-23T21:57:13.048285Z", + "modified_at": "2024-05-23T21:57:13.048285Z", + "object_id": "pub_UPV8jXFwSgm1vHQJCvLD1w", + "status": "failed", + "status_reasons": [ + { + "cause": "remote", + "message": "Config apply failed (write): error running nginx -t -c /etc/nginx/nginx.conf:\n error running nginx -t -c /etc/nginx/nginx.conf:\nnginx: [emerg] invalid number of arguments in \"worker_processes\" directive in /etc/nginx/nginx.conf:7\nnginx: configuration file /etc/nginx/nginx.conf test failed\n", + "object_id": "inst_QBBobKIAQ_21grAwV83VYw" + } + ] + } + }, + "PublicationInstance": { + "description": "Details of a publication request for an NGINX instance.", + "required": [ + "status", + "created_at", + "modified_at" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/PublicationObjectID" + }, + "config_version": { + "type": "string", + "description": "A hash that uniquely identifies the contents of the config object in the publication.\n" + }, + "status": { + "description": "Publication status for the NGINX instance:\n* `pending` - The publication request has been accepted and is currently processing.\n* `failed` - The publication attempt failed.\n* `succeeded` - The publication was successful.\n", + "type": "string", + "enum": [ + "pending", + "failed", + "succeeded" + ], + "x-enum-varnames": [ + "publication_instance_status_pending", + "publication_instance_status_failed", + "publication_instance_status_succeeded" + ] + }, + "status_cause": { + "$ref": "#/components/schemas/PublicationStatusCause" + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the publication was created for the instance." + }, + "modified_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the publication was last modified for the instance." + } + }, + "example": { + "config_version": "c039fbbd5d7f73d894390fb446bd3690da099ed8862b2527299bc2ba", + "created_at": "2024-05-14T20:36:06.272704Z", + "modified_at": "2024-05-14T20:36:06.272704Z", + "object_id": "pub_vfr5Oqv-AhxGzyqTXW-Ubw", + "status": "pending" + } + }, + "NginxConfigProblem": { + "type": "object", + "description": "Representation of a problem found during NGINX configuration analysis.", + "properties": { + "directive": { + "description": "Directive in the NGINX configuration where the issue is identified.", + "type": "string" + }, + "file": { + "description": "File where the issue is detected.", + "type": "string" + }, + "line": { + "description": "Line number in the configuration where the issue is found.", + "type": "integer" + } + } + }, + "NginxConfigReport": { + "type": "object", + "description": "An analysis of the NGINX configuration, highlighting issues and their severity, and offering recommendations.", + "properties": { + "rule": { + "description": "The name of the configuration rule that was violated.", + "type": "string" + }, + "info": { + "description": "A detailed description of the issue.", + "type": "string" + }, + "severity": { + "description": "The severity level of the issue.", + "type": "string" + }, + "category": { + "description": "Classification category of the issue.", + "type": "string" + }, + "documentation": { + "description": "Links to documentation that can assist in resolving the identified issue.", + "type": "array", + "items": { + "type": "string" + } + }, + "where": { + "description": "Specific locations in the configuration where issues were detected.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NginxConfigProblem" + } + } + } + }, + "NginxConfigReports": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NginxConfigReport" + } + }, + "NginxConfigMeta": { + "type": "object", + "description": "Meta data of an NGINX configuration, including its unique identifier, the config_version.\n", + "required": [ + "object_id", + "config_version", + "created_at", + "modified_at", + "config_source" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/NginxConfigObjectID" + }, + "config_version": { + "type": "string", + "description": "A hash that uniquely identifies the contents of the config object.\n" + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the NGINX configuration object was created for the instance." + }, + "modified_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the NGINX configuration object was last modified for the instance." + }, + "config_source": { + "type": "string", + "enum": [ + "NGINX One", + "Other", + "Unspecified" + ], + "x-enum-varnames": [ + "config_source_nginx_one", + "config_source_other", + "config_source_unspecified" + ], + "description": "The source from which the config was created:\n- `NGINX One`: The config was created from NGINX One.\n- `Other`: The config was created from data plane.\n- `Unspecified`: The source of the config is unspecified.\n" + } + }, + "example": { + "object_id": "nc_AamgWtYSSb6OWGljx3wNDA", + "config_version": "Cm1hcCAkdXJpICRtYXBwZWRfc2V", + "created_at": "2023-08-10T16:59:15Z", + "modified_at": "2023-08-10T16:59:15Z", + "config_source": "NGINX One" + } + }, + "FilterNameControlPlanes": { + "type": "string", + "description": "Keywords for control plane filters.\nWhen filtering on `product`, only the following `filter_values` are supported:\n * nic\n", + "enum": [ + "name", + "product_version", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_control_plane_name", + "filter_name_control_plane_product_version", + "filter_name_control_plane_object_id" + ] + }, + "ListControlPlaneObject": { + "allOf": [ + { + "$ref": "#/components/schemas/ControlPlaneBaseInfo" + }, + { + "type": "object", + "description": "Summary information about a control plane.", + "required": [ + "object_id", + "instances_count", + "online_instances_count" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ControlPlaneObjectID" + }, + "instances_count": { + "description": "Total number of instances in the control plane.", + "type": "integer" + }, + "online_instances_count": { + "description": "Total number of online instances in the control plane.", + "type": "integer" + }, + "cve_severity": { + "type": "array", + "description": "An array summarizing identified Common Vulnerabilities and Exposures (CVEs) across the NGINX control plane.", + "items": { + "$ref": "#/components/schemas/CveDetails" + } + } + } + } + ] + }, + "ControlPlaneListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of control planes.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of control plane objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/ListControlPlaneObject" + } + } + } + } + ], + "example": { + "total": 10, + "count": 1, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "object_id": "ecp_tgfVM3KQTxCyiDXgV38G7A", + "name": "nginx-ingress-001", + "product_version": "nginx-ingress-controller-4.0.1", + "created_at": "2023-12-06T22:37:24.120114Z", + "instances_count": 5, + "online_instances_count": 3, + "cve_severity": [ + { + "count": 6, + "type": "medium" + }, + { + "count": 1, + "type": "high" + } + ] + }, + { + "object_id": "ecp_-bRQlhscTKmbUIdJaYhGJA", + "name": "nginx-ingress-002", + "created_at": "2023-12-06T22:37:24.120114Z", + "product_version": "nginx-ingress-controller-4.0.1", + "instances_count": 3, + "online_instances_count": 1, + "cve_severity": [ + { + "count": 2, + "type": "medium" + }, + { + "count": 3, + "type": "high" + } + ] + } + ] + } + }, + "StatusSummary": { + "description": "An overview of the status for each NGINX instance, indicating availability.", + "type": "object", + "required": [ + "online", + "offline", + "unavailable" + ], + "properties": { + "online": { + "description": "The number of NGINX instances reporting as `online`.\nThe NGINX Agent is connected to NGINX One, and the NGINX instance is online.\n", + "type": "integer" + }, + "offline": { + "description": "The number of NGINX instances reporting as `offline`.\nThe NGINX Agent is connected to NGINX One, but the NGINX instance is offline.\n", + "type": "integer" + }, + "unavailable": { + "description": "The number of NGINX instances reporting as `unavailable`.\nThe NGINX Agent has lost connection to NGINX One, rendering the NGINX instance unavailable.\n", + "type": "integer" + } + } + }, + "ControlPlane": { + "type": "object", + "description": "Information on control plane including:\n* Control plane object ID\n* Cluster UUID\n* Deployment UUID\n* Kubernetes namespace\n* Data plane key object ID\n* Certificate summary\n* Instance status summary\n", + "required": [ + "object_id", + "cluster_uuid", + "deployment_uuid", + "kubernetes_namespace" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/ControlPlaneObjectID" + }, + "cluster_uuid": { + "description": "The Kubernetes UID assigned to the cluster that the product is running in.", + "type": "string" + }, + "deployment_uuid": { + "description": "The Kubernetes UID assigned to the control plane.", + "type": "string" + }, + "key_object_id": { + "$ref": "#/components/schemas/DataPlaneKeyObjectID" + }, + "kubernetes_namespace": { + "description": "The kubernetes namespace that the product is running in.", + "type": "string" + }, + "cert_summary": { + "$ref": "#/components/schemas/CertificateInstanceSummary" + }, + "statuses": { + "$ref": "#/components/schemas/StatusSummary" + } + } + }, + "ControlPlaneDetails": { + "type": "object", + "description": "Detailed information of control plane.", + "allOf": [ + { + "$ref": "#/components/schemas/ControlPlaneBaseInfo" + }, + { + "$ref": "#/components/schemas/ControlPlane" + } + ], + "example": { + "name": "foo", + "object_id": "ecp_-uvR3F2TQGm18jnl7bpaGw", + "product_version": "nginx-ingress-controller-1.0.0", + "cluster_uuid": "d1ced6c7-8980-467e-a1db-dcdfec16b1f7", + "deployment_uuid": "b9b00e37-5ee4-4361-8c61-1329f3828dd3", + "key_object_id": "key_6AT9LXyUQHyhC8kF7bVMgg", + "kubernetes_namespace": "nginx-ingress-controller", + "created_at": "2023-12-06T22:37:24.120114Z", + "cert_summary": { + "total": 9, + "valid": 1, + "expired": 5, + "expiring": 3, + "not_ready": 0 + }, + "statuses": { + "offline": 0, + "online": 3, + "unavailable": 0 + } + } + }, + "SummaryDisplayCount": { + "description": "The name, the total count, and an optional user-friendly display name of the resource being summarized.", + "type": "object", + "required": [ + "name", + "count" + ], + "properties": { + "name": { + "description": "Identifies the category of data being reported, such as an operating system, NGINX version, or another type.", + "type": "string" + }, + "count": { + "description": "The number of resources matching the given type.", + "type": "integer" + }, + "display": { + "description": "A user-friendly label for the category count, intended for display purposes where a more descriptive or readable format is preferred.", + "type": "string" + } + } + }, + "ControlPlaneProductVersionSummary": { + "description": "An array of control plane product names/versions.", + "type": "array", + "items": { + "$ref": "#/components/schemas/SummaryDisplayCount" + } + }, + "CveControlPlaneSummary": { + "description": "A summary of Common Vulnerabilities and Exposures (CVEs) across the NGINX control plane.", + "type": "object", + "required": [ + "severity", + "count", + "affected_control_planes" + ], + "properties": { + "severity": { + "$ref": "#/components/schemas/CveSeverityType" + }, + "count": { + "description": "The number of CVEs at each severity level.", + "type": "integer" + }, + "affected_control_planes": { + "description": "The number of control planes affected by each CVE.", + "type": "integer" + } + } + }, + "ControlPlaneSummary": { + "description": "A summary of control planes including their product names/version details.", + "type": "object", + "properties": { + "product_versions": { + "$ref": "#/components/schemas/ControlPlaneProductVersionSummary" + }, + "cves": { + "description": "An array summarizing identified Common Vulnerabilities and Exposures (CVEs) across the NGINX control plane.", + "type": "array", + "items": { + "$ref": "#/components/schemas/CveControlPlaneSummary" + } + } + }, + "example": { + "product_versions": [ + { + "count": 10, + "name": "nginx-ingress-controller-1.0.0" + } + ], + "cves": [ + { + "affected_control_planes": 3, + "count": 13, + "severity": "medium" + }, + { + "affected_control_planes": 2, + "count": 2, + "severity": "high" + } + ] + } + }, + "NginxCVEObject": { + "type": "object", + "required": [ + "id", + "severity", + "info", + "published_at" + ], + "description": "Details about a specific NGINX security advisory, including the number of instances impacted by it, its severity, and a brief description.", + "properties": { + "id": { + "description": "The security advisory's unique identifier.", + "type": "string" + }, + "severity": { + "$ref": "#/components/schemas/CveSeverityType" + }, + "info": { + "description": "A brief description of security advisory.", + "type": "string" + }, + "instances_impacted": { + "description": "Number of instances impacted by the security advisory", + "type": "integer" + }, + "control_planes_impacted": { + "description": "Number of control planes impacted by the security advisory", + "type": "integer" + }, + "published_at": { + "description": "The date and time when the cve was published", + "type": "string", + "format": "date-time" + } + } + }, + "CVEListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of all CVEs.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of CVE objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NginxCVEObject" + } + } + } + } + ] + }, + "NginxProduct": { + "type": "string", + "description": "NGINX product :\n * `noss` - NGINX Open Source.\n * `nplus` - NGINX PLUS.\n * `nic` - NGINX Ingress Controller.\n", + "enum": [ + "noss", + "nplus", + "nic", + "unknown" + ], + "x-enum-varnames": [ + "nginx_product_noss", + "nginx_product_nplus", + "nginx_product_nic", + "nginx_product_unknown" + ] + }, + "CveImpactedNginxProduct": { + "type": "object", + "required": [ + "versions", + "name" + ], + "description": "security advisory impacted NGINX product and its version.", + "properties": { + "versions": { + "description": "List of impacted NGINX product versions.", + "type": "array", + "items": { + "type": "string" + } + }, + "name": { + "$ref": "#/components/schemas/NginxProduct" + } + } + }, + "NginxCVEDetailsResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/NginxCVEObject" + }, + { + "type": "object", + "required": [ + "detail", + "impacted_products" + ], + "description": "Details about a specific NGINX security advisory, including its severity, detail,\npublished date and time, description and impacted products.\n", + "properties": { + "impacted_products": { + "type": "array", + "items": { + "$ref": "#/components/schemas/CveImpactedNginxProduct" + } + }, + "detail": { + "description": "the details about security advisory", + "type": "string" + } + }, + "example": { + "detail": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-ID", + "id": "CVE-ID", + "impacted_products": [ + { + "name": "nplus", + "versions": [ + "r1", + "r2" + ] + }, + { + "name": "noss", + "versions": [ + "1.11.1", + "1.20.2", + "1.19.9" + ] + }, + { + "name": "nic", + "versions": [ + "1.0.0", + "2.1.0" + ] + } + ], + "info": "Memory disclosure in the ngx_http_mp4_module", + "published_at": "2022-10-19T00:00:00Z", + "severity": "medium" + } + } + ] + }, + "NginxProductInfo": { + "type": "object", + "description": "Information about an NGINX product type and its version", + "required": [ + "name", + "version" + ], + "properties": { + "name": { + "$ref": "#/components/schemas/NginxProduct" + }, + "version": { + "description": "version of the NGINX product installed on the instance.", + "type": "string" + } + } + }, + "CVEImpactedInstance": { + "type": "object", + "description": "Summary information about a NGINX instance.", + "required": [ + "object_id", + "hostname", + "status" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/InstanceObjectID" + }, + "hostname": { + "description": "The name of the host system where the NGINX instance is running.", + "type": "string" + }, + "products": { + "description": "List of NGINX products in the instance", + "type": "array", + "items": { + "$ref": "#/components/schemas/NginxProductInfo" + } + }, + "status": { + "type": "string", + "description": "The current operational status of the NGINX instance, with the following possible values:\n* `unknown` - The status of the NGINX instance cannot be determined at this moment.\n* `unavailable` - The NGINX Agent has lost connection to NGINX One, rendering the NGINX instance unavailable.\n* `offline` - The NGINX Agent is connected to NGINX One, but the NGINX instance is offline.\n* `online` - The NGINX Agent is connected to NGINX One, and the NGINX instance is online.\n", + "enum": [ + "unknown", + "unavailable", + "offline", + "online" + ] + } + } + }, + "CVEImpactedInstancesListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of instances affected by a CVE.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of Instance objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/CVEImpactedInstance" + } + } + }, + "example": { + "total": 10, + "count": 1, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "object_id": "inst_8Iwn7dT7RF-PRLxkSt5EYQ", + "hostname": "4d116619f106", + "products": [ + { + "name": "noss", + "version": "1.18.0" + } + ], + "status": "unknown" + } + ] + } + } + ] + }, + "FilterNameEvents": { + "type": "string", + "description": "Keywords for events filters.\n", + "enum": [ + "object_id" + ], + "x-enum-varnames": [ + "filter_name_events_object_id" + ] + }, + "EventObjectID": { + "description": "A globally unique identifier for a NGINX One system event.", + "type": "string", + "format": "object_id", + "pattern": "^event_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "Event": { + "type": "object", + "description": "An Event is a system message.", + "required": [ + "type", + "timestamp", + "object_id", + "message" + ], + "properties": { + "timestamp": { + "description": "time of the event", + "type": "string", + "format": "date-time", + "example": "2019-08-07T09:57:36.088757764Z" + }, + "type": { + "type": "string", + "description": "type of event, indication for affected object type.", + "enum": [ + "instance_cleanup", + "certificates", + "publications", + "nap_compilation_jobs" + ], + "x-enum-varnames": [ + "event_type_instance_cleanup", + "event_type_certificates", + "event_type_publications", + "event_type_nap_compilation_jobs" + ] + }, + "object_id": { + "$ref": "#/components/schemas/EventObjectID" + }, + "affected_object_id": { + "$ref": "#/components/schemas/ObjectID" + }, + "hostname": { + "type": "string", + "description": "hostname of the affected instance, if any." + }, + "message": { + "type": "string", + "description": "Details regarding the event.", + "example": "Instance \"demo-1\" deleted by instance cleanup after \"unavailable\" for 25 hours." + } + }, + "example": { + "timestamp": "2024-02-04T09:57:36.088757764Z", + "type": "instance_cleanup", + "object_id": "event_-uvR3F2TQGm18jnl7bpaGw", + "affected_object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "message": "ip-170.0.1 deleted after age out period of 3 hours, last seen 2023-08-07T09:57:36.088757764Z" + } + }, + "EventsListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of Events.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of Event objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/Event" + } + } + } + } + ] + }, + "FilterNameInstances": { + "type": "string", + "description": "Keywords for instance filters.\n\nWhen filtering on `instance_status`, only the following `filter_values` are supported:\n * online\n * offline\n * unavailable\n * unknown\nWhen filtering base on `cert_status`, only the following `filter_values` are supported:\n * valid\n * expiring\n * expired\n * not_ready\n", + "enum": [ + "hostname", + "nginx_version", + "os_version", + "instance_status", + "cert_status", + "cve_severity", + "config_recommendation", + "key_object_id", + "system_id", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_instances_hostname", + "filter_name_instances_nginx_version", + "filter_name_instances_os_version", + "filter_name_instances_instance_status", + "filter_name_instances_cert_status", + "filter_name_instances_cve_severity", + "filter_name_instances_config_recommendation", + "filter_name_instances_key_object_id", + "filter_name_instances_system_id", + "filter_name_instances_object_id" + ] + }, + "InstanceListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of data plane instances.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of Instance objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/Instance" + } + } + } + } + ], + "example": { + "total": 10, + "count": 1, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "agent_version": "v2.30.3", + "hostname": "4d116619f106", + "key": "key_Tet21AeYTHCj7taOwVfzyw", + "last_reported": "2023-12-06T22:37:24.120114Z", + "nginx_build": { + "conf_path": "/etc/nginx/nginx.conf", + "version": "1.25.3" + }, + "nginx_id": "b636d4376dea15405589692d3c5d3869ff3a9b26b0e7bb4bb1aa7e658ace1437", + "registered_at": "2023-12-06T22:37:24.120114Z", + "status": "unknown", + "system_id": "b2c0b6a8-8b6a-3a8f-a541-17d8899c119a", + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw" + } + ] + } + }, + "InstanceBulkRequestData": { + "type": "object", + "description": "Part of bulk operation on a NGINX instance, only `delete` is supported.", + "required": [ + "action" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/InstanceObjectID" + }, + "action": { + "$ref": "#/components/schemas/BulkRequestAction" + } + }, + "example": { + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + } + }, + "InstanceBulkRequest": { + "type": "array", + "items": { + "$ref": "#/components/schemas/InstanceBulkRequestData" + }, + "maxItems": 50, + "example": [ + { + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + }, + { + "object_id": "inst_PL0c1XodRemmzVEjiXSsTg", + "action": "delete" + } + ] + }, + "InstanceBulkResponse": { + "description": "The NGINX instance bulk outcome.", + "type": "array", + "items": { + "$ref": "#/components/schemas/BulkRequestObjectStatus" + } + }, + "OperatingSystem": { + "description": "Release details for the operating system.", + "type": "object", + "required": [ + "name", + "id", + "codename", + "version", + "version_id" + ], + "properties": { + "name": { + "description": "The official name of the operating system release.", + "type": "string" + }, + "id": { + "description": "The distinctive identifier for the operating system release.", + "type": "string" + }, + "codename": { + "description": "The codename assigned to the operating system release.", + "type": "string" + }, + "version": { + "description": "The version label for the operating system, which may include the name and version number or codename.", + "type": "string" + }, + "version_id": { + "description": "The specific version number of the operating system release.", + "type": "string" + } + }, + "example": { + "name": "Ubuntu", + "id": "ubuntu", + "codename": "bionic", + "version": "18.04.5 LTS (Bionic Beaver)", + "version_id": "18.04" + } + }, + "ConfigSyncGroupInstanceMeta": { + "allOf": [ + { + "$ref": "#/components/schemas/ConfigSyncGroupMeta" + }, + { + "type": "object", + "description": "Additional details on instance in the NGINX config sync group including:\n* config sync status\n", + "properties": { + "instance_config_status": { + "$ref": "#/components/schemas/ConfigSyncStatus" + } + } + } + ] + }, + "NapSignatureVersion": { + "description": "The version of the NGINX App Protect resource.", + "type": "string", + "example": "2023.12.06" + }, + "NapInstanceAssociation": { + "allOf": [ + { + "$ref": "#/components/schemas/NapAssociation" + }, + { + "type": "object", + "required": [ + "threat_campaign_version", + "attack_signature_version", + "bot_signature_version" + ], + "properties": { + "threat_campaign_version": { + "$ref": "#/components/schemas/NapSignatureVersion" + }, + "attack_signature_version": { + "$ref": "#/components/schemas/NapSignatureVersion" + }, + "bot_signature_version": { + "$ref": "#/components/schemas/NapSignatureVersion" + } + } + } + ], + "example": { + "name": "default_policy", + "version": "2025.05.01", + "policy_object_id": "pol_panEdeY-Sh2rWm365y7wsw", + "policy_version_object_id": "pv_kem7SCosTTOL9mMlNyY2GQ", + "publication_object_id": "pub_72pGHoGsSICL_THZrs964g", + "paths": [ + "/etc/nginx/default_policy.tgz" + ], + "deployment_status": "deployed", + "enforcement_mode": "transparent", + "deployed_on": "2023-12-06T22:37:24.120114Z", + "threat_campaign_version": "2025.01.23", + "attack_signature_version": "2025.01.19", + "bot_signature_version": "2025.01.19" + } + }, + "NginxAppProtectDetails": { + "description": "Information regarding NGINX App Protect. Includes version and deployments.\n", + "type": "object", + "required": [ + "engine_version", + "deployments" + ], + "properties": { + "release_version": { + "description": "The release version of NGINX App Protect.", + "type": "string" + }, + "engine_version": { + "description": "The version of the App Protect enforcement engine.", + "type": "string" + }, + "deployments": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NapInstanceAssociation" + } + } + } + }, + "InstanceDetails": { + "type": "object", + "description": "Detailed information about an NGINX instance.", + "allOf": [ + { + "$ref": "#/components/schemas/Instance" + }, + { + "type": "object", + "properties": { + "certs": { + "description": "An array detailing each certificate's information, including its friendly name, unique identifier, applicable file system paths, subject name, and validity dates. \nIt provides insights into the operational status of each certificate, such as whether it's currently valid, nearing expiration, is not ready to be used, or has already expired.\nThe deployment status indicates whether the latest certs and key managed by NGINX One Console are deployed onto this data plane instance.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/CertAssociation" + } + }, + "os": { + "$ref": "#/components/schemas/OperatingSystem" + }, + "config_sync_group": { + "$ref": "#/components/schemas/ConfigSyncGroupInstanceMeta" + }, + "nginx_app_protect": { + "$ref": "#/components/schemas/NginxAppProtectDetails" + }, + "control_plane": { + "$ref": "#/components/schemas/ControlPlaneBaseInfo" + } + } + } + ], + "example": { + "agent_version": "v2.30.3", + "certs": [ + { + "subject_name": "test.com", + "name": "client", + "cert_type": "cert_key", + "not_after": "2024-01-06T00:01:30Z", + "not_before": "2023-12-07T00:01:30Z", + "cert_paths": [ + "/etc/nginx/client.pem" + ], + "cert_status": "expiring", + "deployment_status": "latest", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw" + } + ], + "hostname": "4d116619f106", + "key": "key_wN3IhLCmR3qmwybG_6ptEg", + "control_plane": { + "object_id": "ecp_CO1DdBxZToWmr3pTcaQ8QA", + "name": "nginx-ingress-001", + "product_version": "nginx-ingress-controller-4.0.1", + "created_at": "2023-12-06T22:37:24.120114Z" + }, + "last_reported": "2023-12-06T22:37:24.120114Z", + "nginx_build": { + "conf_path": "/etc/nginx/nginx.conf", + "version": "1.25.3" + }, + "nginx_id": "b636d4376dea15405589692d3c5d3869ff3a9b26b0e7bb4bb1aa7e658ace1437", + "os": { + "codename": "jammy", + "id": "ubuntu", + "name": "Ubuntu", + "version": "22.04.3 LTS (Jammy Jellyfish)", + "version_id": "22.04" + }, + "registered_at": "2023-12-06T22:37:24.120114Z", + "status": "unknown", + "system_id": "b2c0b6a8-8b6a-3a8f-a541-17d8899c119a", + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw" + } + }, + "NginxSecurityAdvisory": { + "type": "object", + "description": "Details about a specific NGINX security advisory, including its severity, a link to more information, and a brief description.", + "required": [ + "id", + "severity", + "advisory", + "info" + ], + "properties": { + "id": { + "description": "The security advisory's unique identifier.", + "type": "string" + }, + "severity": { + "$ref": "#/components/schemas/CveSeverityType" + }, + "advisory": { + "description": "The URL to detailed information about the security advisory.", + "type": "string" + }, + "info": { + "description": "A brief description of security advisory.", + "type": "string" + } + } + }, + "CertificateSummaryItem": { + "description": "summary information for certificate with certain status.", + "type": "object", + "required": [ + "status", + "count", + "affected_instances" + ], + "properties": { + "status": { + "$ref": "#/components/schemas/CertificateStatus" + }, + "count": { + "description": "The total number of SSL certificates for each status category.", + "type": "integer" + }, + "affected_instances": { + "description": "Indicates the total number of SSL/TLS certificates corresponding to the status provided.", + "type": "integer" + } + } + }, + "OperatingSystemVersionSummary": { + "description": "An array of operating systems and their versions on the NGINX data plane.", + "type": "array", + "items": { + "$ref": "#/components/schemas/SummaryDisplayCount" + } + }, + "NGINXVersionSummary": { + "description": "An array of NGINX versions installed across the NGINX data plane.", + "type": "array", + "items": { + "$ref": "#/components/schemas/SummaryDisplayCount" + } + }, + "CveSummary": { + "description": "A summary of Common Vulnerabilities and Exposures (CVEs) across the NGINX data plane.", + "type": "object", + "required": [ + "severity", + "count", + "affected_instances" + ], + "properties": { + "severity": { + "$ref": "#/components/schemas/CveSeverityType" + }, + "count": { + "description": "The number of CVEs at each severity level.", + "type": "integer" + }, + "affected_instances": { + "description": "The number of NGINX instances affected by each CVE.", + "type": "integer" + } + } + }, + "IssueSummary": { + "description": "A summary of issue details from the configuration analysis report.", + "type": "object", + "required": [ + "type", + "count", + "affected_instances" + ], + "properties": { + "type": { + "$ref": "#/components/schemas/RecommendationType" + }, + "count": { + "description": "The number of times this recommendation appears in the configuration analysis report.", + "type": "integer" + }, + "affected_instances": { + "description": "The number of instances affected by this issue.", + "type": "integer" + } + } + }, + "InstanceSummary": { + "description": "A summary of NGINX instances, including certificates, OS versions, NGINX versions, and status details.", + "type": "object", + "properties": { + "certs": { + "description": "An array detailing each certificate's status across all NGINX instances.", + "type": "array", + "items": { + "$ref": "#/components/schemas/CertificateSummaryItem" + } + }, + "os": { + "$ref": "#/components/schemas/OperatingSystemVersionSummary" + }, + "nginx_versions": { + "$ref": "#/components/schemas/NGINXVersionSummary" + }, + "statuses": { + "$ref": "#/components/schemas/StatusSummary" + }, + "cves": { + "description": "An array summarizing identified Common Vulnerabilities and Exposures (CVEs) across the NGINX data plane.", + "type": "array", + "items": { + "$ref": "#/components/schemas/CveSummary" + } + }, + "recommendations": { + "description": "An array summarizing the suggestions from the configuration analysis report.", + "type": "array", + "items": { + "$ref": "#/components/schemas/IssueSummary" + } + } + } + }, + "FilterStagedConfigs": { + "type": "string", + "description": "Keywords for staged configs filters.\n", + "enum": [ + "name", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_staged_config_name", + "filter_name_staged_config_object_id" + ] + }, + "StagedConfigObjectID": { + "description": "A globally unique identifier for the NGINX staged config.", + "type": "string", + "format": "object_id", + "pattern": "^sc_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "StagedConfigCertificateSummary": { + "type": "object", + "description": "Provides a summary of the current status of certificates used in NGINX configurations. It includes the total number of certificates, as well as the counts of expired certificates, those nearing expiration, valid certificates, certificates that are not found, and those that are not ready for use.", + "required": [ + "total", + "expired", + "expiring", + "valid", + "not_found", + "not_ready" + ], + "properties": { + "total": { + "description": "Total count of certificates used as `payloads` in NGINX config.", + "type": "integer" + }, + "expired": { + "description": "The number of certificates that have expired and are no longer valid.", + "type": "integer" + }, + "expiring": { + "description": "The number of certificates due to expire in the next 30 days.", + "type": "integer" + }, + "valid": { + "description": "The number of certificates that are valid and in good standing.", + "type": "integer" + }, + "not_found": { + "description": "The number of certificates that are not found on NGINX One Console.", + "type": "integer" + }, + "not_ready": { + "description": "The number of certificates that are not ready to be used.", + "type": "integer" + } + } + }, + "StagedConfigMeta": { + "type": "object", + "description": "Summary information of the NGINX staged config.", + "required": [ + "object_id", + "name", + "created_at", + "modified_at" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/StagedConfigObjectID" + }, + "name": { + "description": "Name of the NGINX staged config", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the NGINX configuration object was created for the instance." + }, + "modified_at": { + "type": "string", + "format": "date-time", + "description": "The date and time when the NGINX configuration object was last modified for the instance." + }, + "cert_summary": { + "$ref": "#/components/schemas/StagedConfigCertificateSummary" + } + } + }, + "StagedConfigListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "description": "List of NGINX staged configs.", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of Staged Config objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/StagedConfigMeta" + } + } + } + } + ], + "example": { + "total": 10, + "count": 1, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "object_id": "sc_Tet21AeYTHCj7taOwVfzyw", + "name": "my-nginx-staged-config", + "created_at": "2023-08-10T16:59:15Z", + "modified_at": "2023-08-10T16:59:15Z" + } + ] + } + }, + "StagedConfigName": { + "type": "string", + "description": "A name to identify the NGINX staged config.", + "minLength": 1, + "maxLength": 256, + "pattern": "^[^\\s]+$" + }, + "StagedConfigCreateRequest": { + "description": "Body to create a NGINX staged config. A staged config can be empty; config payload is optional.", + "required": [ + "name" + ], + "properties": { + "name": { + "$ref": "#/components/schemas/StagedConfigName" + }, + "config": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + }, + "example": { + "name": "my-nginx-staged-config", + "config": { + "aux": [], + "conf_path": "/etc/nginx/nginx.conf", + "configs": [ + { + "files": [ + { + "contents": "string", + "name": "default.conf" + } + ], + "name": "/etc/nginx/conf.d" + } + ] + } + } + }, + "StagedConfigCreateResponse": { + "description": "Response to a create NGINX staged config request.", + "required": [ + "object_id", + "name" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/StagedConfigObjectID" + }, + "name": { + "description": "Name of the NGINX staged config.", + "type": "string" + } + }, + "example": { + "name": "my-nginx-staged-config", + "object_id": "sc_Tet21AeYTHCj7taOwVfzyw" + } + }, + "StagedConfigResponse": { + "description": "Get an NGINX staged config.", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Name of the NGINX staged config." + }, + "config": { + "$ref": "#/components/schemas/NginxConfig" + } + } + }, + "StagedConfigUpdateRequest": { + "description": "Body to update a NGINX staged config name and config contents.", + "required": [ + "name", + "config" + ], + "properties": { + "name": { + "$ref": "#/components/schemas/StagedConfigName" + }, + "config": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + }, + "example": { + "name": "my-nginx-staged-config", + "config": { + "aux": [], + "conf_path": "/etc/nginx/nginx.conf", + "config_version": "c039fbbd5d7f73d894390fb446bd3690da099ed8862b2527299bc2ba", + "configs": [ + { + "files": [ + { + "contents": "string", + "name": "default.conf" + } + ], + "name": "/etc/nginx/conf.d" + } + ] + } + } + }, + "StagedConfigChangeRequest": { + "description": "Update an NGINX staged config.", + "properties": { + "name": { + "$ref": "#/components/schemas/StagedConfigName" + }, + "config": { + "$ref": "#/components/schemas/NginxConfigRequest" + } + }, + "example": { + "config": { + "aux": [], + "conf_path": "/etc/nginx/nginx.conf", + "config_version": "c039fbbd5d7f73d894390fb446bd3690da099ed8862b2527299bc2ba", + "configs": [ + { + "files": [ + { + "contents": "string", + "name": "default.conf" + } + ], + "name": "/etc/nginx/conf.d" + } + ] + } + } + }, + "MetricQueryResultEx": { + "type": "object", + "required": [ + "query_metadata", + "metrics" + ], + "properties": { + "query_metadata": { + "$ref": "#/components/schemas/MetricQueryMetadata" + }, + "metrics": { + "description": "An array of Metric objects, each including the name of the metric resource, aggregate function, and series details.", + "type": "array", + "items": { + "$ref": "#/components/schemas/MetricEx" + } + } + } + }, + "MetricQueryMetadata": { + "description": "This object includes details about the time period and resolution (granularity) used in the metrics query.\n", + "type": "object", + "properties": { + "start_time": { + "description": "The beginning of the time period for the metrics query (inclusive).", + "type": "string", + "format": "date-time", + "example": "2019-08-07T09:57:36.088757764Z" + }, + "end_time": { + "description": "The end point for the time period for the metrics query (non-inclusive).", + "type": "string", + "format": "date-time", + "example": "2019-08-07T09:57:36.088757764Z" + }, + "resolution": { + "description": "The level of granularity for the time series data.", + "type": "string", + "example": "30m" + } + } + }, + "MetricEx": { + "type": "object", + "required": [ + "metric", + "series" + ], + "description": "This object represents a metric, including the name of the metric resource, aggregate function, and series details.\n", + "properties": { + "metric": { + "$ref": "#/components/schemas/MetricName" + }, + "aggregate": { + "$ref": "#/components/schemas/MetricAggregation" + }, + "series": { + "description": "An array of data points aligned along one or more dimensions from the Dimensions Catalog.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/SeriesEx" + }, + "example": [ + { + "dimensions": { + "nginx_id": "some-instance-obj-1", + "parent_hostname": "hostname-for-instance-1" + }, + "data": [ + { + "timestamp": "2019-08-07T09:57:30Z", + "value": 10 + } + ] + }, + { + "dimensions": { + "nginx_id": "some-instance-obj-2", + "parent_hostname": "hostname-for-instance-2" + }, + "data": [ + { + "timestamp": "2019-08-07T09:58:30Z", + "value": 5 + } + ] + } + ] + } + } + }, + "SeriesEx": { + "description": "This object represents a set of data points aligned along one or more dimensions from the Dimensions Catalog.", + "type": "object", + "required": [ + "dimensions", + "data" + ], + "properties": { + "dimensions": { + "description": "This object represents a set of data points aligned along one or more dimensions.\n", + "type": "object", + "additionalProperties": { + "description": "The name(s) of the dimensions used in the metrics query.\n", + "type": "string" + }, + "example": { + "nginx_id": "some-instance-object-id", + "parent_hostname": "hostname-for-instance" + } + }, + "data": { + "description": "Array of data points for a metric.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/MetricData" + }, + "example": [ + { + "timestamp": "2019-08-07T09:57:30Z", + "value": 10 + } + ] + } + } + }, + "MetricData": { + "type": "object", + "required": [ + "timestamp", + "value" + ], + "properties": { + "timestamp": { + "type": "string", + "description": "A date-time string that represent when the data point in the series was recorded.\n", + "format": "date-time" + }, + "value": { + "type": "number", + "format": "double", + "nullable": true, + "description": "A value for the data, where `null` indicates a gap.\n" + } + } + }, + "StartTime": { + "description": "Sets the beginning of the time period for your metrics query (inclusive).\n\nUsage:\n* `start_time` is required if `end_time` is specified.\n* If `start_time` isn't provided, the API returns the latest metrics.\n* `start_time` is required for aggregated metrics in order to calculate the `resolution` (granularity).\n\nTime can be specified in two ways:\n* Using ISO 8601 format. For example, \"2019-08-07T09:57:36.088757764Z\".\n* As an offset from the current time. For the offset, use `+` or `-`, followed by a number and the appropriate time unit. The time unit can can be `y` (years), `M` (months), `w` (weeks), `d` (days), `h` (hours), `m` (minutes), or `s` (seconds). \nExample of an offset: \"now-3h\" (3 hours before now).\n", + "type": "string", + "example": "2019-08-07T09:57:36.088757764Z" + }, + "EndTime": { + "description": "Sets the end point for the time period for your metrics query (non-inclusive).\n\nUsage:\n* Must be greater than `start_time`.\n* If `start_time` is specified and `end_time` is not, `end_time` defaults to the current time.\n\nTime can be specified in two ways:\n* Using ISO 8601 format. For example, \"2019-08-07T09:57:36.088757764Z\".\n* As an offset from the current time. For the offset, use `+` or `-`, followed by a number and the appropriate time unit. The time unit can can be `y` (years), `M` (months), `w` (weeks), `d` (days), `h` (hours), `m` (minutes), or `s` (seconds). \nExample of an offset: \"now-3h\" (3 hours before now).\n", + "type": "string", + "example": "2019-08-07T09:57:36.088757764Z" + }, + "MetricAggregation": { + "type": "string", + "description": "Static list of aggregation functions that can be applied to a compatible metric.\n * min\n * max\n * sum\n * avg\n * rate\n", + "enum": [ + "min", + "max", + "sum", + "avg", + "rate" + ], + "x-enum-varnames": [ + "metric_aggregation_min", + "metric_aggregation_max", + "metric_aggregation_sum", + "metric_aggregation_avg", + "metric_aggregation_rate" + ] + }, + "MetricDimensions": { + "type": "array", + "description": "List the dimensions to include in the response for each metric series.\n\nUsage:\n\n* Specify the list of dimensions. Dimensions not specified in this parameter will be hidden in the results.\n* If you specify dimensions in `group_by`, you don't need to list them again in `dimensions`. \nHowever, if you are using `group_by`, then any dimensions you list in `dimensions` must also be included in `group_by`.\n * To return a single series, specify the metric name with aggregation (for example, `{ \"name\": \"agent.cpu.system\", \"aggregate\": \"avg\" }`) and leave the `dimensions` parameter empty.\n", + "items": { + "$ref": "#/components/schemas/MetricDimension" + } + }, + "GroupByDimensions": { + "type": "array", + "description": "Group the query results by the specified dimension(s).\n\nUsage:\n* Specify the list of dimensions.\n* For `group_by` to work, all metrics in the `names` parameter must be aggregated.\n", + "items": { + "$ref": "#/components/schemas/MetricDimension" + } + }, + "TopXMetricDimensions": { + "type": "array", + "description": "List additional dimensions to include in the response for each metric series. The dimension specified by `group_series_by` will be included by default.\n", + "items": { + "$ref": "#/components/schemas/MetricDimension" + } + }, + "MetricDimension": { + "type": "string", + "default": "display_name", + "description": "Static list of all metric dimensions.\n * `display_name` - The display name of the NGINX instance.\n * `file_path` - Path to a desired file.\n * `parent_hostname` - The hostname of the NGINX Plus instance.\n * `instance_object_id` - Instance Object ID is the unique identifier for an Instance registered with NGINX One Console.\n * `location_zone` - The name of an HTTP location zone.\n * `mount_point` - A filesystem mount point.\n * `namespace` - The Namespace associated with the metric data.\n * `network_interface` - A server network interface.\n * `nginx_id` - The unique identifier of an nginx instance running on the data plane.\n * `server_zone` - The name of an HTTP or Stream server zone.\n * `system_id` - The unique identifier of the the operating system where nginx-agent is running.\n * `tenant` - The Tenant associated with the metric data.\n * `csg_object_id` - Config Sync Group Object ID is the unique identifier for a Config Sync Group registered with NGINX One Console.\n * `mode` - Variant value associated with metric `system.cpu.utilization`.\n * `state` - Variant value associated with metrics `system.filesystem.usage`, `system.memory.usage`.\n * `io_direction` - Variant value associated with metric `system.network.io`.\n * `status_range` - Variant value associated with metric `nginx.http.response.count`.\n", + "enum": [ + "display_name", + "file_path", + "parent_hostname", + "instance_object_id", + "location_zone", + "mount_point", + "namespace", + "network_interface", + "nginx_id", + "server_zone", + "system_id", + "tenant", + "csg_object_id", + "mode", + "state", + "io_direction", + "status_range" + ], + "x-enum-varnames": [ + "metric_dimension_display_name", + "metric_dimension_file_path", + "metric_dimension_hostname", + "metric_dimension_instance_object_id", + "metric_dimension_location_zone", + "metric_dimension_mount_point", + "metric_dimension_namespace", + "metric_dimension_network_interface", + "metric_dimension_nginx_id", + "metric_dimension_server_zone", + "metric_dimension_system_id", + "metric_dimension_tenant", + "metric_dimension_csg_object_id", + "metric_dimension_mode", + "metric_dimension_state", + "metric_dimension_io_direction", + "metric_dimension_status_range" + ] + }, + "BaseMetricQueryRequest": { + "type": "object", + "required": [ + "metrics" + ], + "properties": { + "metrics": { + "$ref": "#/components/schemas/MetricNames" + }, + "filter": { + "$ref": "#/components/schemas/MetricFilters" + }, + "start_time": { + "$ref": "#/components/schemas/StartTime" + }, + "end_time": { + "$ref": "#/components/schemas/EndTime" + }, + "resolution": { + "type": "string", + "description": "Specifies the level of granularity for time series data in your results. Applicable only for endpoints that return time series data.\n\nUsage: \n* Specify as a string with a number followed by a unit of time, such as `y` (years), `M` (months), `w` (weeks), `d` (days), `h` (hours), `m` (minutes) or `s` (seconds).\n* Metrics in `names` must be aggregated.\n* `start_time` is required.\n* If `resolution` is not set, the API returns the maximum resolution (`end_time` - `start_time`).\n", + "example": "30s" + } + } + }, + "MetricQueryRequest": { + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/BaseMetricQueryRequest" + }, + { + "type": "object", + "properties": { + "dimensions": { + "$ref": "#/components/schemas/MetricDimensions" + }, + "group_by": { + "$ref": "#/components/schemas/GroupByDimensions" + }, + "order_by": { + "description": "List the order by for dimension(s).\n\nUsage:\n\n* Must be a dimension included by `dimensions` or `group_by`.\n", + "type": "array", + "items": { + "$ref": "#/components/schemas/OrderBy" + } + } + } + } + ] + }, + "MetricTopXQueryRequest": { + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/BaseMetricQueryRequest" + }, + { + "type": "object", + "required": [ + "series_limit", + "group_series_by" + ], + "properties": { + "dimensions": { + "$ref": "#/components/schemas/TopXMetricDimensions" + }, + "series_limit": { + "type": "integer", + "example": 25, + "description": "Sets the maximum number of series that can be returned. \n\nNotes:\n* Always returns an additional series with a dimension named `all`, aggregating the values of all metrics included in the results.\n* A series with a dimension named `other` may be returned, aggregating the values of metrics not included in the results.\n" + }, + "group_series_by": { + "$ref": "#/components/schemas/MetricDimension" + }, + "order_series_by": { + "$ref": "#/components/schemas/OrderSeriesBy" + } + } + } + ] + }, + "MetricNames": { + "type": "array", + "description": "Specify the metrics you want details for.\n\nUsage: \n* List multiple metrics as json objects.\n * You can aggregate metrics with `avg`, `sum`, `min`, `max`, `rate`.\n* Metrics with aggregates require a `start_time`.\n* If you combine aggregated and non-aggregated metrics in a single query, any `group_by` clause applies only to the aggregated metrics.\n", + "items": { + "$ref": "#/components/schemas/MetricQuery" + }, + "example": [ + { + "name": "system.cpu.utilization", + "aggregate": "avg", + "filter": [ + { + "filterSet": [ + { + "dimension": "mode", + "operator": "=", + "values": [ + "system" + ] + } + ] + } + ] + } + ] + }, + "MetricQuery": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "$ref": "#/components/schemas/MetricName" + }, + "aggregate": { + "$ref": "#/components/schemas/MetricAggregation" + } + } + }, + "MetricFilterPredicate": { + "type": "string", + "enum": [ + "AND", + "OR" + ], + "x-enum-varnames": [ + "metric_filter_predicate_and", + "metric_filter_predicate_or" + ] + }, + "MetricFilters": { + "type": "array", + "description": "Filter results based on dimension operations against one or more values.\n\nUsage:\n* Format as one or more predicates by providing all required elements.\n * `dimension`: The dimension name you want to filter on.\n * `operator`: The possible operators (`=`, `!=`, `<`, `<=`, `>`, `>=`, `in`, `not`) you can use for comparison or condition checking.\n * `value`: Case sensitive value of the dimension to filter against.\n\nFor more complex filtering:\n\n* Specify a `predicate` for logical expressions (`AND`,`OR`). \n* Use a wildcard `*` in the `value` for matching partial values.\n", + "items": { + "$ref": "#/components/schemas/MetricFilterSet" + }, + "example": [ + { + "filterSet": [ + { + "dimension": "server_zone", + "operator": "!=", + "values": [ + "server_zone_1" + ] + }, + { + "predicate": "OR", + "dimension": "server_zone", + "operator": "=", + "values": [ + "server_zone_2" + ] + } + ] + }, + { + "predicate": "AND", + "filterSet": [ + { + "dimension": "nginx_id", + "operator": "in", + "values": [ + "id1", + "id2" + ] + } + ] + } + ] + }, + "MetricFilterSet": { + "type": "object", + "description": "Encapsulates one or more `MetricFilter` object(s) to be grouped together.\n", + "required": [ + "filterSet" + ], + "properties": { + "predicate": { + "$ref": "#/components/schemas/MetricFilterPredicate" + }, + "filterSet": { + "type": "array", + "items": { + "$ref": "#/components/schemas/MetricFilter" + } + } + } + }, + "MetricFilter": { + "type": "object", + "required": [ + "dimension", + "operator", + "values" + ], + "properties": { + "dimension": { + "$ref": "#/components/schemas/MetricDimension" + }, + "operator": { + "type": "string", + "description": "Static list of all operations supported by filtering\n\n* The `=`, `!=` only use the first element of the `values` array. Wildcards for partial matching is supported.\n* The `in` and `not` both use all elements in the `values` array. Wildcards for partial matching is NOT supported.\n", + "enum": [ + "=", + "!=", + "in", + "not" + ], + "x-enum-varnames": [ + "metric_filter_equal", + "metric_filter_not_equal", + "metric_filter_in", + "metric_filter_not" + ] + }, + "values": { + "type": "array", + "description": "Single value used for all operators except `in` and `not`.", + "items": { + "type": "string" + } + }, + "predicate": { + "$ref": "#/components/schemas/MetricFilterPredicate" + } + } + }, + "OrderDirection": { + "type": "string", + "enum": [ + "asc", + "desc" + ], + "x-enum-varnames": [ + "order_by_asc", + "order_by_desc" + ], + "default": "desc" + }, + "OrderBy": { + "type": "object", + "description": "Sort order of the metric series in your results.\n\nUsage:\n* Provide all required elements. \n * `direction`: The sorting direction either `desc` or `asc`.\n * `dimension`: The dimension for ordering.\n", + "required": [ + "direction", + "dimension" + ], + "properties": { + "direction": { + "$ref": "#/components/schemas/OrderDirection" + }, + "dimension": { + "$ref": "#/components/schemas/MetricDimension" + } + } + }, + "OrderSeriesBy": { + "type": "object", + "description": "Sort order of the metric series in your results.\n\nUsage:\n* Provide all required elements. \n * `direction`: The sorting direction either `desc` or `asc`.\n * `aggregate`: The aggregating function.\n", + "required": [ + "direction", + "aggregate" + ], + "properties": { + "direction": { + "$ref": "#/components/schemas/OrderDirection" + }, + "aggregate": { + "$ref": "#/components/schemas/MetricAggregation", + "default": "sum" + } + } + }, + "MetricName": { + "type": "string", + "description": "Metric names available for querying.\n", + "example": "nginx.http.request.count", + "oneOf": [ + { + "$ref": "#/components/schemas/MetricSystemCpuUtilization" + }, + { + "$ref": "#/components/schemas/MetricSystemFilesystemUsage" + }, + { + "$ref": "#/components/schemas/MetricSystemMemoryUsage" + }, + { + "$ref": "#/components/schemas/MetricSystemCpuLogicalCount" + }, + { + "$ref": "#/components/schemas/MetricSystemNetworkIo" + }, + { + "$ref": "#/components/schemas/MetricNginxHttpRequestCount" + }, + { + "$ref": "#/components/schemas/MetricNginxHttpResponseCount" + } + ] + }, + "MetricSystemCpuUtilization": { + "type": "string", + "description": "Total system CPU utilization for 'system' or 'user', percentage. A filter differentiator is needed for specific mode(s).\n\nReplacement for depreciated variant(s):\n * system.cpu.system\n * system.cpu.user\n\nAggregation(s) supported:\n * min\n * max\n * sum\n * avg\n * rate\n\nCatalog dimension filter differentiator:\n * mode (applicable filter values: 'system', 'user')\n\nCatalog dimension(s) supported:\n * instance_object_id\n * csg_object_id\n * system_id\n * parent_hostname\n * display_name\n * nginx_id\n", + "enum": [ + "system.cpu.utilization" + ] + }, + "MetricSystemFilesystemUsage": { + "type": "string", + "description": "System disk usage statistic, percentage. A filter differentiator is needed for specific state(s).\n\nReplacement for depreciated variant(s):\n * system.disk.in_use\n * system.disk.total\n * system.disk.used\n\nAggregation(s) supported:\n * min\n * max\n * sum\n * avg\n * rate\n\nCatalog dimension filter differentiator:\n * state (applicable filter values: 'used', 'free', 'in_use')\n\nCatalog dimension(s) supported:\n * instance_object_id\n * csg_object_id\n * system_id\n * parent_hostname\n * display_name\n * nginx_id\n * mount_point\n", + "enum": [ + "system.filesystem.usage" + ] + }, + "MetricSystemMemoryUsage": { + "type": "string", + "description": "Total available statistic about system memory usage, bytes. A filter differentiator is needed for specific state(s).\n\nReplacement for depreciated variant(s):\n * system.mem.pct_used\n * system.mem.total\n * system.mem.used\n\nAggregation(s) supported:\n * min\n * max\n * sum\n * avg\n * rate \n\nCatalog dimension filter differentiator:\n * state (applicable filter values: 'used', 'free', 'total', 'pct_used')\n\nCatalog dimension(s) supported:\n * instance_object_id\n * csg_object_id\n * system_id\n * parent_hostname\n * display_name\n * nginx_id\n", + "enum": [ + "system.memory.usage" + ] + }, + "MetricSystemCpuLogicalCount": { + "type": "string", + "description": "Number of logical (virtual) processor cores created by the operating system.\n\nAggregation(s) supported:\n * min\n * max\n * sum\n * avg\n * rate \n\nCatalog dimension(s) supported:\n * instance_object_id\n * csg_object_id\n * system_id\n * parent_hostname\n * display_name\n * nginx_id\n", + "enum": [ + "system.cpu.logical.count" + ] + }, + "MetricSystemNetworkIo": { + "type": "string", + "description": "Network I/O statistics. Number of bytes sent or received per network interface. A filter differentiator is needed for specific I/O direction(s).\n\nReplacement for depreciated variant(s):\n * system.net.bytes_rcvd\n * system.net.bytes_sent\n\nAggregation(s) supported:\n * min\n * max\n * sum\n * avg\n * rate\n\nCatalog dimension filter differentiator:\n * io_direction (applicable filter values: 'transmit', 'receive')\n\nCatalog dimension(s) supported:\n * instance_object_id\n * csg_object_id\n * system_id\n * parent_hostname\n * display_name\n * nginx_id\n * network_interface\n", + "enum": [ + "system.network.io" + ] + }, + "MetricNginxHttpRequestCount": { + "type": "string", + "description": "The current number of client requests received from clients.\n\nReplacement for depreciated variant(s):\n * nginx.http.request.count\n * plus.http.request.count\n\nAggregation(s) supported:\n * min\n * max\n * sum\n * avg\n * rate\n\nCatalog dimension(s) supported:\n * instance_object_id\n * csg_object_id\n * system_id\n * parent_hostname\n * display_name\n * nginx_id\n * server_zone\n * location_zone\n", + "enum": [ + "nginx.http.request.count" + ] + }, + "MetricNginxHttpResponseCount": { + "type": "string", + "description": "The current number of responses, grouped by status code range. A filter differentiator is needed for specific status range(s).\n\nReplacement for depreciated variant(s):\n * nginx.http.status.4xx\n * plus.http.status.4xx\n\nAggregation(s) supported:\n * min\n * max\n * sum\n * avg\n * rate\n\nCatalog dimension filter differentiator:\n * status_range (applicable filter values: '4xx', '5xx')\n\nCatalog dimension(s) supported:\n * instance_object_id\n * csg_object_id\n * system_id\n * parent_hostname\n * display_name\n * nginx_id \n * server_zone\n * location_zone\n", + "enum": [ + "nginx.http.response.count" + ] + }, + "SettingsInstanceCleanup": { + "type": "object", + "description": "Preferences for automatic cleanup of stale NGINX One Instances.", + "required": [ + "age_out_duration" + ], + "properties": { + "age_out_duration": { + "type": "integer", + "format": "int32", + "description": "Specify the age of `unavailable` NGINX instances for clean up. NGINX instances older than this value in hours will be deleted automatically. Events related to automatically deleted NGINX instances will show up in `/events` API. '0' value disables the automatic clean up of `unavailable` NGINX instances.", + "default": 3, + "minimum": 0, + "maximum": 720 + } + }, + "example": { + "age_out_duration": 3 + } + }, + "HttpUsage": { + "type": "object", + "properties": { + "client": { + "allOf": [ + { + "$ref": "#/components/schemas/UsageMetrics" + }, + { + "type": "object", + "properties": { + "requests": { + "type": "integer", + "description": "Total requests handled by an NGINX Instance", + "minimum": 0 + } + } + } + ] + }, + "upstream": { + "$ref": "#/components/schemas/UsageMetrics" + } + } + }, + "StreamUsage": { + "type": "object", + "properties": { + "client": { + "$ref": "#/components/schemas/UsageMetrics" + }, + "upstream": { + "$ref": "#/components/schemas/UsageMetrics" + } + } + }, + "UsageMetrics": { + "type": "object", + "properties": { + "received": { + "type": "integer", + "description": "Total bytes received by an NGINX Instance from clients/upstreams", + "minimum": 0 + }, + "sent": { + "type": "integer", + "description": "Total bytes sent by the NGINX Instance to clients/upstreams", + "minimum": 0 + }, + "connections": { + "type": "integer", + "description": "Total connections of the NGINX Instance with clients/upstreams", + "minimum": 0 + } + } + }, + "NginxUsageHttp": { + "$ref": "#/components/schemas/HttpUsage" + }, + "NginxUsageStream": { + "$ref": "#/components/schemas/StreamUsage" + }, + "MetricStartTime": { + "description": "The start time of your metrics query.\n\nUsage:\n* `start_time` is required if `end_time` is specified.\n* If `start_time` and `end_time` isn't provided, the API returns metrics from the current time to the month before the current time.\n* The `start_time` cannot be older than 120 days before the current time.\n\nYou can set the `start_time` in these ways:\n* In ISO 8601 format. For example, \"2019-08-07T09:57:36.088757764Z\".\n* As an offset from the current time. For the offset, use `+` or `-`, followed by a number and unit [`y` (years), `M` (months), `w` (weeks), `d` (days), `h` (hours), `m` (minutes), or `s` (seconds)]. \n* Example of an offset: \"now-3h\" (3 hours before now).\n", + "type": "string", + "example": "2019-08-07T09:57:36.088757764Z" + }, + "MetricEndTime": { + "description": "The end time of your metrics query.\n\nUsage:\n* Must be greater than `start_time`.\n* The time difference between `start_time` and `end_time` should be greater than an hour.\n* The default `end_time` is the current time.\n* The `end_time` cannot be older than 120 days before the current time.\n\nYou can set the `end_time` in these ways:\n* In ISO 8601 format. For example, \"2019-08-07T09:57:36.088757764Z\".\n* As an offset from the current time. For the offset, use `+` or `-`, followed by a number and unit [`y` (years), `M` (months), `w` (weeks), `d` (days), `h` (hours), `m` (minutes), or `s` (seconds)]. \n* Example of an offset: \"now-3h\" (3 hours before now).\n", + "type": "string", + "example": "2019-08-07T09:57:36.088757764Z" + }, + "InventoryMetricAggregation": { + "type": "string", + "description": "Static list of aggregation functions that can be applied to a compatible metric.\n * count\n * sum\n * avg\n * min\n * max\n", + "enum": [ + "count", + "sum", + "avg", + "min", + "max" + ], + "x-enum-varnames": [ + "metric_aggregation_count", + "metric_aggregation_sum", + "metric_aggregation_avg", + "metric_aggregation_min", + "metric_aggregation_max" + ] + }, + "BaseInventoryQueryRequest": { + "type": "object", + "required": [ + "metrics" + ], + "properties": { + "metrics": { + "$ref": "#/components/schemas/InventoryMetricNames" + }, + "start_time": { + "$ref": "#/components/schemas/MetricStartTime" + }, + "end_time": { + "$ref": "#/components/schemas/MetricEndTime" + } + } + }, + "InventoryMetricQueryRequest": { + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/BaseInventoryQueryRequest" + } + ] + }, + "InventoryMetricNames": { + "type": "array", + "description": "Specify the metrics to collect.\n\nUsage: \n* List multiple metrics as JSON objects.\n* You can aggregate metrics with `count`, `sum`, `avg`, `min`, `max`.\n", + "items": { + "$ref": "#/components/schemas/InventoryMetricQuery" + }, + "example": [ + { + "name": "nginx.plus.instances", + "aggregate": [ + "count" + ] + } + ] + }, + "InventoryMetricQuery": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "$ref": "#/components/schemas/InventoryMetricName" + }, + "aggregate": { + "type": "array", + "items": { + "$ref": "#/components/schemas/InventoryMetricAggregation" + } + } + } + }, + "InventoryMetricName": { + "type": "string", + "description": "Metric names available for querying.\n", + "example": "nginx.plus.instances", + "oneOf": [ + { + "$ref": "#/components/schemas/MetricNginxInstancesPlus" + }, + { + "$ref": "#/components/schemas/MetricK8sClusterNodes" + } + ] + }, + "MetricNginxInstancesPlus": { + "type": "string", + "description": "Total number of nginx plus instances.\n\nAggregation(s) supported:\n * count\n * sum\n * avg\n * min\n * max\n", + "enum": [ + "nginx.plus.instances" + ] + }, + "MetricK8sClusterNodes": { + "type": "string", + "description": "Sum of the Kubernetes worker nodes where nginx plus instances are deployed in a Kubernetes cluster.\n\nAggregation(s) supported:\n * count\n * sum\n * avg\n * min\n * max\n", + "enum": [ + "k8s.cluster.nodes" + ] + }, + "VersionsList": { + "type": "object", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of versions.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NapSignatureVersion" + } + } + } + }, + "ThreatCampaignVersionsListResponse": { + "$ref": "#/components/schemas/VersionsList" + }, + "AttackSignatureVersionsListResponse": { + "$ref": "#/components/schemas/VersionsList" + }, + "BotSignatureVersionsListResponse": { + "$ref": "#/components/schemas/VersionsList" + }, + "NapPolicy": { + "description": "The base64-encoded contents of the NGINX App Protect policy.", + "type": "object", + "required": [ + "policy" + ], + "properties": { + "policy": { + "type": "string", + "format": "base64", + "maxLength": 3145728 + } + } + }, + "NapPolicyObject": { + "allOf": [ + { + "$ref": "#/components/schemas/NapPolicyMetadata" + }, + { + "$ref": "#/components/schemas/NapPolicyDeployments" + } + ] + }, + "NapPolicyMetadata": { + "description": "Summary information about NGINX App Protect policy.", + "type": "object", + "required": [ + "object_id", + "name", + "latest" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/NapPolicyObjectID" + }, + "name": { + "description": "The name of the NGINX App Protect policy.", + "type": "string" + }, + "description": { + "type": "string", + "description": "Some detail on the NGINX App Protect policy." + }, + "latest": { + "$ref": "#/components/schemas/NapPolicyVersionMetadata" + } + } + }, + "NapPolicyListResponse": { + "description": "List of all NGINX App Protect policies.", + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "description": "List of NGINX App Protect policies.", + "type": "object", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of NGINX App Protect policy objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NapPolicyObject" + } + } + }, + "example": { + "items": [ + { + "object_id": "pol_-uvR3F2TQGm18jnl7bpaGw", + "name": "test-policy", + "description": "test policy", + "deployments": [ + { + "publication_object_id": "pub_-uvR3F2TQGm18jnl7bpaGw", + "associated_name": "test-instance", + "associated_type": "instance", + "associated_object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "status": "deployed", + "enforcement_mode": "blocking", + "policy_version": "2023-12-06 22:37:24", + "policy_version_object_id": "pv_-abc3F2TQGm18jnl7bpaGw", + "deployed_on": "2023-12-06T22:37:24.120114Z" + } + ], + "latest": { + "object_id": "pv_-uvR3F2TQGm18jnl7bpaGw", + "version": "2023-12-06 22:37:24", + "created_at": "2023-12-06T22:37:24.120114Z", + "deployment_status": "deployed", + "enforcement_mode": "blocking" + } + } + ] + } + } + ] + }, + "NapPolicyVersionDeployments": { + "type": "object", + "properties": { + "deployments": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NapPolicyVersionDeployment" + } + } + } + }, + "NapDeploymentAssociation": { + "type": "object", + "required": [ + "associated_type", + "associated_object_id", + "associated_name" + ], + "properties": { + "associated_type": { + "$ref": "#/components/schemas/DeploymentAssociatedType" + }, + "associated_object_id": { + "$ref": "#/components/schemas/ObjectID" + }, + "associated_name": { + "$ref": "#/components/schemas/DeploymentAssociatedName" + } + } + }, + "NapPolicyVersionDeployment": { + "allOf": [ + { + "$ref": "#/components/schemas/NapDeploymentAssociation" + }, + { + "type": "object", + "description": "Information about a NGINX App Protect policy deployment.\n", + "required": [ + "publication_object_id", + "status", + "deployed_on" + ], + "properties": { + "publication_object_id": { + "$ref": "#/components/schemas/PublicationObjectID" + }, + "status": { + "$ref": "#/components/schemas/NapDeploymentStatus" + }, + "deployed_on": { + "description": "Date and time of the deployment.", + "type": "string", + "format": "date-time" + } + }, + "example": { + "publication_object_id": "pub_-uvR3F2TQGm18jnl7bpaGw", + "associated_name": "test-instance", + "associated_type": "instance", + "associated_object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "status": "deployed", + "deployed_on": "2023-12-06T22:37:24.120114Z" + } + } + ] + }, + "NapPolicyDeployments": { + "type": "object", + "required": [ + "deployments" + ], + "properties": { + "deployments": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NapPolicyDeployment" + } + } + } + }, + "NapPolicyDeployment": { + "description": "detailed information about a NGINX App Protect policy deployment.", + "type": "object", + "required": [ + "publication_object_id", + "associated_object_id", + "associated_name", + "associated_type", + "enforcement_mode", + "status", + "policy_version", + "policy_version_object_id", + "deployed_on" + ], + "allOf": [ + { + "$ref": "#/components/schemas/NapPolicyVersionDeployment" + }, + { + "type": "object", + "required": [ + "enforcement_mode", + "policy_version", + "policy_version_object_id" + ], + "properties": { + "enforcement_mode": { + "$ref": "#/components/schemas/NapPolicyEnforcementMode" + }, + "policy_version": { + "description": "The version associated with the NGINX App Protect policy.", + "type": "string" + }, + "policy_version_object_id": { + "$ref": "#/components/schemas/NapPolicyVersionObjectID" + } + } + } + ], + "example": { + "publication_object_id": "pub_-uvR3F2TQGm18jnl7bpaGw", + "associated_name": "test-instance", + "associated_type": "instance", + "associated_object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "status": "deployed", + "deployed_on": "2023-12-06T22:37:24.120114Z", + "enforcement_mode": "blocking", + "policy_version": "2023-12-06 22:37:24", + "policy_version_object_id": "pv_-abc3F2TQGm18jnl7bpaGw" + } + }, + "NapPolicyDeploymentDetails": { + "type": "object", + "required": [ + "publication_object_id", + "associated_object_id", + "associated_name", + "associated_type", + "enforcement_mode", + "status", + "policy_version", + "policy_version_object_id", + "deployed_on", + "threat_campaign_version", + "attack_signature_version", + "bot_signature_version" + ], + "allOf": [ + { + "$ref": "#/components/schemas/NapPolicyDeployment" + }, + { + "type": "object", + "properties": { + "threat_campaign_version": { + "$ref": "#/components/schemas/NapSignatureVersion" + }, + "attack_signature_version": { + "$ref": "#/components/schemas/NapSignatureVersion" + }, + "bot_signature_version": { + "$ref": "#/components/schemas/NapSignatureVersion" + } + } + } + ], + "example": { + "publication_object_id": "pub_-uvR3F2TQGm18jnl7bpaGw", + "associated_name": "test-instance", + "associated_type": "instance", + "associated_object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "status": "deployed", + "policy_version": "2023-12-06 22:37:24", + "policy_version_object_id": "pv_-abc3F2TQGm18jnl7bpaGw", + "deployed_on": "2023-12-06T22:37:24.120114Z", + "enforcement_mode": "blocking", + "threat_campaign_version": "2023.12.06", + "attack_signature_version": "2023.12.06", + "bot_signature_version": "2023.12.06" + } + }, + "NapPolicyDeploymentsListResponse": { + "description": "List of all NGINX App Protect deployments.", + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of NGINX App Protect deployments.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NapPolicyDeploymentDetails" + } + } + }, + "example": { + "items": [ + { + "publication_object_id": "pub_-uvR3F2TQGm18jnl7bpaGw", + "associated_name": "test-instance", + "associated_type": "instance", + "associated_object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "status": "deployed", + "policy_version": "2023-12-06 22:37:24", + "policy_version_object_id": "pv_-abc3F2TQGm18jnl7bpaGw", + "deployed_on": "2023-12-06T22:37:24.120114Z", + "enforcement_mode": "blocking", + "threat_campaign_version": "2023.12.06", + "attack_signature_version": "2023.12.06", + "bot_signature_version": "2023.12.06" + } + ] + } + } + ] + }, + "NapPolicyVersionMetadata": { + "type": "object", + "description": "Summary information about the specific NGINX App Protect policy version.", + "required": [ + "object_id", + "version", + "enforcement_mode", + "created_at" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/NapPolicyVersionObjectID" + }, + "version": { + "$ref": "#/components/schemas/NapSignatureVersion" + }, + "enforcement_mode": { + "$ref": "#/components/schemas/NapPolicyEnforcementMode" + }, + "created_at": { + "description": "The date and time when the NGINX App Protect policy version was created.", + "type": "string", + "format": "date-time" + } + } + }, + "NapPolicyVersionDetails": { + "description": "Detailed information about NGINX App Protect policy version.", + "type": "object", + "required": [ + "policy", + "object_id", + "version", + "enforcement_mode", + "created_at" + ], + "allOf": [ + { + "$ref": "#/components/schemas/NapPolicyVersionMetadata" + }, + { + "$ref": "#/components/schemas/NapPolicy" + }, + { + "$ref": "#/components/schemas/NapPolicyVersionDeployments" + } + ] + }, + "NapPolicyVersionObject": { + "description": "Summary information about NGINX App Protect policy version.", + "allOf": [ + { + "$ref": "#/components/schemas/NapPolicyVersionMetadata" + }, + { + "$ref": "#/components/schemas/NapPolicyVersionDeployments" + }, + { + "type": "object", + "required": [ + "latest" + ], + "properties": { + "latest": { + "description": "Indicates whether the NGINX App Protect policy version is latest. Default (`false`) returns the current policy. \nWhen set to `true`, returns the latest policy.\n", + "type": "boolean", + "default": false + } + } + } + ] + }, + "NapPolicyVersionsListResponse": { + "description": "List of all NGINX App Protect versions.", + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of NGINX App Protect version objects.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NapPolicyVersionObject" + } + } + }, + "example": { + "items": [ + { + "version": "2023-12-06 22:37:24", + "object_id": "pv_-uvR3F2TQGm18jnl7bpaGw", + "created_at": "2023-12-06T22:37:24.120114Z", + "enforcement_mode": "blocking", + "latest": false + } + ] + } + } + ] + }, + "NapLogProfileListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of NGINX App Protect log profiles.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NapLogProfileMetadata" + } + } + } + } + ] + }, + "NapLogProfileGetResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/NapLogProfileMetadata" + }, + { + "type": "object", + "required": [ + "config" + ], + "properties": { + "config": { + "description": "The NGINX App Protect log profile configuration.", + "type": "string" + } + } + } + ] + }, + "NapLogProfileMetadata": { + "type": "object", + "required": [ + "name", + "object_id" + ], + "properties": { + "name": { + "type": "string", + "description": "The name of the NGINX App Protect log profile." + }, + "object_id": { + "$ref": "#/components/schemas/NapLogProfileObjectID" + }, + "description": { + "description": "Optional field to describe the NGINX App Protect log profile.", + "type": "string", + "minLength": 5, + "maxLength": 256 + } + } + }, + "NapGlobalSettingsListResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/PaginationResponse" + }, + { + "type": "object", + "required": [ + "items" + ], + "properties": { + "items": { + "description": "An array of NGINX App Protect global settings.", + "type": "array", + "items": { + "$ref": "#/components/schemas/NapGlobalSettingMetadata" + } + } + } + } + ] + }, + "NapGlobalSettingGetResponse": { + "allOf": [ + { + "$ref": "#/components/schemas/NapGlobalSettingMetadata" + }, + { + "type": "object", + "required": [ + "config" + ], + "properties": { + "config": { + "description": "The NGINX App Protect global setting configuration.", + "type": "string" + } + } + } + ] + }, + "NapGlobalSettingMetadata": { + "type": "object", + "required": [ + "name", + "object_id" + ], + "properties": { + "name": { + "type": "string", + "description": "The name of the NGINX App Protect global setting object." + }, + "description": { + "description": "Optional field to describe the NGINX App Protect global setting object.", + "type": "string", + "minLength": 5, + "maxLength": 256 + }, + "object_id": { + "$ref": "#/components/schemas/NapGlobalSettingObjectID" + } + } + }, + "NapPolicyBulkRequest": { + "type": "array", + "items": { + "$ref": "#/components/schemas/NapPolicyBulkRequestData" + }, + "minItems": 1, + "maxItems": 50, + "example": [ + { + "object_id": "pol_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + }, + { + "object_id": "pol_PL0c1XodRemmzVEjiXSsTg", + "action": "delete" + } + ] + }, + "NapPolicyBulkRequestData": { + "type": "object", + "description": "Part of bulk operation on a Nap policy, only `delete` is supported.", + "required": [ + "action", + "object_id" + ], + "properties": { + "object_id": { + "$ref": "#/components/schemas/NapPolicyObjectID" + }, + "action": { + "$ref": "#/components/schemas/BulkRequestAction" + } + }, + "example": { + "object_id": "pol_-uvR3F2TQGm18jnl7bpaGw", + "action": "delete" + } + }, + "NapBulkResponse": { + "description": "The Nap policy bulk outcome.", + "type": "array", + "items": { + "$ref": "#/components/schemas/BulkRequestObjectStatus" + } + }, + "FilterNameNapPolicy": { + "type": "string", + "description": "Keywords for NGINX App Protect policy filters.\nWhen filtering on `enforcement_mode`, only the following `filter_values` are supported:\n * blocking\n * transparent\nWhen filtering on `object_id`, both NAP Policy and NAP Policy version object id prefixes are supported.\n", + "enum": [ + "name", + "enforcement_mode", + "object_id", + "deployment_enforcement_mode", + "deployment_status" + ], + "x-enum-varnames": [ + "filter_name_nap_policy_name", + "filter_name_nap_policy_enforcement_mode", + "filter_name_nap_policy_object_id", + "filter_name_nap_policy_deployment_enforcement_mode", + "filter_name_nap_policy_deployment_status" + ] + }, + "FilterNameNapPolicyDeployment": { + "type": "string", + "description": "Keywords for NGINX App Protect deployment filters.\nWhen filtering on `type`, only the following `filter_values` are supported:\n * instance\n * config_sync_group\nWhen filtering on `status`, only the following `filter_values` are supported:\n * deployed\n * deploying\n * failed\n", + "enum": [ + "name", + "type", + "policy_version", + "status", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_nap_deployment_name", + "filter_name_nap_deployment_type", + "filter_name_nap_deployment_policy_version", + "filter_name_nap_deployment_status", + "filter_name_nap_deployment_object_id" + ] + }, + "FilterNameNapPolicyVersion": { + "type": "string", + "description": "Keywords for NGINX App Protect policy version filters.\nWhen filtering on `deployment_status`, only the following `filter_values` are supported:\n * deployed\n * not_deployed\n * deploying\n * failed\nWhen filtering on `enforcement_mode`, only the following `filter_values` are supported:\n * blocking\n * transparent\n", + "enum": [ + "deployment_status", + "enforcement_mode", + "object_id" + ], + "x-enum-varnames": [ + "filter_name_nap_policy_version_deployment_status", + "filter_name_nap_policy_version_enforcement_mode", + "filter_name_nap_policy_version_object_id" + ] + }, + "NapLogProfileObjectID": { + "description": "A globally unique identifier for the App Protect log profile.", + "type": "string", + "format": "object_id", + "pattern": "^lp_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + }, + "NapGlobalSettingObjectID": { + "description": "A globally unique identifier for the App Protect global settings object.", + "type": "string", + "format": "object_id", + "pattern": "^gs_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + } + } + }, + "examples": { + "DataPlaneKeys": { + "value": { + "total": 10, + "count": 2, + "start_index": 1, + "items_per_page": 100, + "items": [ + { + "expires_at": "2023-12-01T00:00:00Z", + "modified_at": "2023-11-01T00:00:00Z", + "created_at": "2023-10-01T00:00:00Z", + "revoked": false, + "name": "my-data-plane-key", + "object_id": "key_wN3IhLCmR3qmwybG_6ptEg", + "instances_count": 3, + "control_planes_count": 1 + }, + { + "expires_at": "2023-12-01T00:00:00Z", + "modified_at": "2023-11-01T00:00:00Z", + "created_at": "2023-10-01T00:00:00Z", + "revoked": false, + "name": "my-data-plane-key", + "object_id": "key_Tet21AeYTHCj7taOwVfzyw", + "instances_count": 3, + "control_planes_count": 1 + } + ] + } + }, + "DataPlaneKeyRequest": { + "value": { + "name": "my-data-plane-key", + "expires_at": "2023-12-01T00:00:00Z" + } + }, + "DataPlaneKeyResponse": { + "value": { + "expires_at": "2023-12-01T00:00:00Z", + "key": "", + "name": "my-data-plane-key", + "object_id": "key_Tet21AeYTHCj7taOwVfzyw" + } + }, + "DataPlaneKey": { + "value": { + "expires_at": "2023-12-01T00:00:00Z", + "modified_at": "2023-11-01T00:00:00Z", + "created_at": "2023-10-01T00:00:00Z", + "revoked": false, + "name": "my-data-plane-key", + "object_id": "key_wN3IhLCmR3qmwybG_6ptEg", + "instances_count": 3, + "control_planes_count": 1 + } + }, + "ConfigSyncGroupDetails": { + "value": { + "object_id": "csg_-uvR3F2TQGm18jnl7bpaGw", + "name": "test-config-sync-group", + "config_status": "in_sync", + "config_version": "uvR3F2TQGm18jnl7bpaGw", + "created_at": "2023-12-06T22:37:24.120114Z", + "instances": [ + { + "object_id": "inst_-uvR3F2TQGm18jnl7bpaGw", + "hostname": "816e3c194d59", + "system_id": "6066aad2-211e-3718-be5d-fcc01ffc5cc8", + "agent_version": "v2.33.0", + "registered_at": "2024-05-16T18:26:40.556048Z", + "last_reported": "2023-12-06T22:37:24.120114Z", + "status": "unavailable", + "nginx_build": { + "conf_path": "/etc/nginx/nginx.conf", + "version": "1.25.3" + }, + "os_version": "Ubuntu 22.04", + "nginx_id": "b636d4376dea15405589692d3c5d3869ff3a9b26b0e7bb4bb1aa7e658ace1437", + "config_status": "in_sync", + "config_version": "abc123def456" + } + ], + "certs": [ + { + "subject_name": "test.com", + "name": "client", + "cert_type": "cert_key", + "not_after": "2024-01-06T00:01:30Z", + "not_before": "2023-12-07T00:01:30Z", + "cert_paths": [ + "/etc/nginx/client.pem" + ], + "cert_status": "expiring", + "deployment_status": "latest", + "object_id": "cert_Tet21AeYTHCj7taOwVfzyw" + } + ] + } + } + }, + "responses": { + "Unauthorized": { + "description": "Client is not authorized to perform the requested operation.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "InternalServerErr": { + "description": "An unexpected error occurred on the server. Please try the request again later.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "NotFound": { + "description": "Requested resource was not found.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + }, + "InvalidRequest": { + "description": "Request cannot be processed due to invalid input or parameters. Verify the request format and provided data.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Error" + } + } + } + } + }, + "securitySchemes": { + "BearerAuth": { + "type": "http", + "scheme": "bearer", + "bearerFormat": "JWT" + } + } + }, + "x-tagGroups": [ + { + "name": "Manage Data Plane Keys", + "tags": [ + "Data Plane Key" + ] + }, + { + "name": "Manage NGINX Instances", + "tags": [ + "Instances", + "Config Sync Groups", + "Certificates", + "CVEs", + "Events", + "Staged Configs", + "Control Planes" + ] + }, + { + "name": "Monitor NGINX Instances", + "tags": [ + "Metrics" + ] + }, + { + "name": "Manage NGINX One Settings", + "tags": [ + "Settings" + ] + }, + { + "name": "NGINX One App Protect", + "tags": [ + "NGINX App Protect" + ] + } + ] + } \ No newline at end of file diff --git a/layouts/_default/baseof.html b/layouts/_default/baseof.html index 4046f384..f5625a9e 100644 --- a/layouts/_default/baseof.html +++ b/layouts/_default/baseof.html @@ -54,9 +54,9 @@ {{ block "main" . }}{{ end }} diff --git a/layouts/redoc/single.html b/layouts/redoc/single.html index 81248520..e649159f 100644 --- a/layouts/redoc/single.html +++ b/layouts/redoc/single.html @@ -1,15 +1,11 @@ {{ define "main" }} - -
+
{{ partial "breadcrumb" . }}
{{ .Content}}
-
- - -{{if .Params.script}} - {{ $script := (delimit (slice "scripts" .Params.script) "/")}} - {{ partial (string $script) .}} -{{end }} - - +
+ + {{ if .Params.script }} + {{ $script := (delimit (slice "scripts" .Params.script) "/")}} + {{ partial (string $script) .}} + {{ end }} {{ end }}