Neutron shared routines and utilities.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

5985 lines
155 KiB

# variables in header
# variables in path
address_scope_id-path:
description: |
The ID of the address scope.
in: path
required: true
type: string
agent_id-path:
description: |
The ID of the agent.
in: path
required: true
type: string
bgpvpn-id-path:
description: |
The ID of the BGP VPN.
in: path
required: true
type: string
bgpvpn-network_association_id-path:
description: |
The ID of an association between a network and a BGP VPN.
in: path
required: true
type: string
bgpvpn-port_association_id-path:
description: |
The ID of an association between a port and a BGP VPN.
in: path
required: true
type: string
bgpvpn-router_association_id-path:
description: |
The ID of an association between a router and a BGP VPN.
in: path
required: true
type: string
connection_id-path:
description: |
The ID of the IPsec site-to-site connection.
in: path
required: true
type: string
conntrack_helper_id-path:
description: |
The ID of the conntrack helper.
in: path
required: true
type: string
dscp_rule_id:
description: |
The ID of the DSCP rule.
in: path
required: true
type: string
endpoint_group_id-path:
description: |
The ID of the VPN endpoint group.
in: path
required: true
type: string
extensions-alias-path:
description: |
The alias of an extension.
in: path
required: true
type: string
fip_port_forwarding_id-path:
description: |
The ID of the floating IP port forwarding.
in: path
required: true
type: string
firewall_group_id-path-required:
description: |
The ID of the firewall group.
in: path
required: true
type: string
firewall_id:
description: |
The ID of the firewall.
in: path
required: true
type: string
firewall_log_id:
description: |
The ID of the firewall log resource.
in: path
required: true
type: string
firewall_policy_id-path:
description: |
The ID of the firewall policy.
in: path
required: true
type: string
firewall_policy_id-path-required:
description: |
The ID of the firewall policy.
in: path
required: true
type: string
firewall_rule_id:
description: |
The ID for the firewall rule.
in: path
required: true
type: string
firewall_rule_id-path-required:
description: |
The ID for the firewall rule.
in: path
required: true
type: string
flavor_id:
description: |
The UUID of the flavor.
in: path
required: true
type: string
floatingip-id-path:
description: |
The ID of the floating IP address.
in: path
required: true
type: string
ikepolicy_id-path:
description: |
The ID of the IKE policy.
in: path
required: true
type: string
ipsecpolicy_id-path:
description: |
The ID of the IPsec policy.
in: path
required: true
type: string
log_id-path:
description: |
The ID of the log resource.
in: path
required: true
type: string
logging_resource_id:
description: |
The ID of the logging resource.
in: path
required: true
type: string
metering_label-id-path:
description: |
The ID of the metering label.
in: path
required: true
type: string
metering_label_rule-id-path:
description: |
The ID of the metering label rule.
in: path
required: true
type: string
network_id-path:
description: |
The ID of the network.
in: path
required: true
type: string
network_segment_range_id-path:
description: |
The ID of the network segment range.
in: path
required: true
type: string
port_id-path:
description: |
The ID of the port.
in: path
required: true
type: string
profile_id:
description: |
The UUID of the service profile.
in: path
required: true
type: string
project_id-path:
description: |
The ID of the project.
in: path
required: true
type: string
qos-policy-id-path:
description: |
The ID of the QoS policy.
in: path
required: true
type: string
qos-rule_id:
description: |
The ID of the QoS rule.
in: path
required: true
type: string
qos-rule_type:
description: |
The name of the QoS rule type. It should be one of the types
returned by the List QoS rule types API, for example
``bandwidth_limit`` or ``dscp_marking``.
in: path
required: true
type: string
rbac_policy_id-path:
description: |
The ID of the RBAC policy.
in: path
required: true
type: string
resource_id:
description: |
The ID of resource which the tag is set on.
in: path
required: true
type: string
resource_type:
description: |
The type of resource which the tag is set on.
in: path
required: true
type: string
router_id:
description: |
The ID of the router.
in: path
required: true
type: string
router_name:
description: |
The name of the router.
in: path
required: true
type: string
security_group-id-path:
description: |
The ID of the security group.
in: path
required: true
type: string
security_group_rule-id-path:
description: |
The ID of the security group rule.
in: path
required: true
type: string
segment_id-path:
description: |
The UUID of the segment.
in: path
required: true
type: string
subnet_id-path:
description: |
The ID of the subnet.
in: path
required: true
type: string
subnetpool_id:
description: |
The UUID of the subnet pool.
in: path
required: true
type: string
tag:
description: |
The name for the tag.
in: path
required: true
type: string
trunk_id:
description: |
The ID of the trunk.
in: path
required: true
type: string
vpnservice_id-path:
description: |
The ID of the VPN service.
in: path
required: true
type: string
# variables in query
address_scope-sort_key:
description: |
Sorts by an address scope attribute. You can specify multiple pairs of sort
key and sort direction query parameters. The sort keys are limited to:
- ``id``
- ``ip_version``
- ``name``
- ``project_id``
- ``shared``
- ``tenant_id``
in: query
required: false
type: string
address_scope_id-query:
description: |
Filter the subnet pool list result by the address scope that is assigned
to the subnet pool.
in: query
required: false
type: string
admin_state_up-query:
description: |
Filter the list result by the administrative state of the resource,
which is up (``true``) or down (``false``).
in: query
required: false
type: boolean
admin_state_up_trunk-query:
description: |
Filter the trunk list result by the administrative state of the trunk,
which is up (``true``) or down (``false``).
in: query
required: false
type: boolean
agent_type-query:
description: |
Filter the list result by the type of agent such as ``Open vSwitch agent``
or ``DHCP agent``.
in: query
required: false
type: string
alive-query:
description: |
Filter the list result based on whether the agent is alive and running.
in: query
required: false
type: boolean
availability_zone-query:
description: |
Filter the list result by the availability zone of the agent.
in: query
required: false
type: string
binary-query:
description: |
Filter the list result by the executable command used to start the agent
such as ``neutron-openvswitch-agent`` or ``neutron-dhcp-agent``.
in: query
required: false
type: string
binding:host_id-query:
description: |
Filter the port list result by the ID of the host where the port resides.
in: query
required: false
type: string
cidr-query:
description: |
Filter the subnet list result by the CIDR of the subnet.
in: query
required: false
type: string
conntrack_helper-sort_key:
description: |
Sorts by a conntrack helper ID attribute. You can specify multiple pairs of
sort key and sort direction query parameters. The sort keys are limited to:
- ``id``
- ``helper``
- ``port``
- ``protocol``
in: query
required: false
type: string
conntrack_helper_helper-query:
description: |
Filter the list result by the used helper.
in: query
required: false
type: string
conntrack_helper_port-query:
description: |
Filter the list result by the used port.
in: query
required: false
type: integer
conntrack_helper_protocol-query:
description: |
Filter the list result by the used protocol.
in: query
required: false
type: string
default_prefixlen-query:
description: |
Filter the subnet pool list result by the size of the prefix to allocate
when the ``cidr`` or ``prefixlen`` attributes are omitted when you create
the subnet. Default is ``min_prefixlen``.
in: query
required: false
type: integer
default_quota-query:
description: |
Filter the subnet pool list result by the quota on the prefix space
that can be allocated from the subnet pool for project subnets.
in: query
required: false
type: integer
description-query:
description: |
Filter the list result by the human-readable description of the resource.
in: query
required: false
type: string
device_id-query:
description: |
Filter the port list result by the ID of the device that uses this port.
For example, a server instance or a logical router.
in: query
required: false
type: string
device_owner-query:
description: |
Filter the port result list by the entity type that uses this port.
For example, ``compute:nova`` (server instance), ``network:dhcp``
(DHCP agent) or ``network:router_interface`` (router interface).
in: query
required: false
type: string
direction-query:
description: |
Filter the security group rule list result by the direction in which
the security group rule is applied, which is ``ingress`` or ``egress``.
in: query
required: false
type: string
dscp_mark-query:
description: |
Filter the list result by the DSCP mark value.
in: query
required: false
type: integer
ethertype-query:
description: |
Filter the security group rule list result by the ethertype of
network traffic. The value must be ``IPv4`` or ``IPv6``.
in: query
required: false
type: string
excluded-query:
description: |
Filter the metering rule list result based on whether the metering
rule exclude the traffic of a specific IP address with the
``remote_ip_prefix`` value.
in: query
required: false
type: boolean
external_port-query:
description: |
Filter the list result by the TCP/UDP/other protocol port number of the
floating IP.
in: query
required: false
type: integer
fields:
description: |
The fields that you want the server to return.
If no ``fields`` query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using ``fields`` parameter, the API returns only the requested set of
attributes. ``fields`` parameter can be specified multiple times.
For example, if you specify ``fields=id&fields=name`` in the request URL,
only ``id`` and ``name`` attributes will be returned.
in: query
required: false
type: string
fip_port_forwarding-sort_key:
description: |
Sorts by a floating IP port forwarding attribute. You can specify multiple
pairs of sort key and sort direction query parameters. The sort keys are
limited to:
- ``id``
- ``internal_port_id``
- ``external_port``
- ``protocol``
in: query
required: false
type: string
fip_port_forwarding_protocol-query:
description: |
Filter the list result by the used protocol.
in: query
required: false
type: string
fixed_ips-query:
description: |
Filter the port list result by the IP addresses for the port.
This field has one or multiple entries.
Each entry consists of IP address (``ip_address``), IP address substring
(``ip_address_substr``) and/or the subnet ID from which
the IP address is assigned (``subnet_id``).
in: query
required: false
type: array
flavor-enabled-query:
description: |
Filter the flavor list result based on whether the flavor is enabled or
not.
in: query
required: false
type: boolean
flavor-service_type-query:
description: |
Filter the flavor list result by the type of the flavor.
in: query
required: false
type: string
flavor-sort_key:
description: |
Sorts by a flavor attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``description``
- ``enabled``
- ``id``
- ``name``
- ``service_type``
in: query
required: false
type: string
floating_ip_address-query:
description: |
Filter the floating IP list result by the floating IP address.
in: query
required: false
type: string
floating_network_id-query:
description: |
Filter the floating IP list result by the ID of the network associated
with the floating IP.
in: query
required: false
type: string
floatingip-fixed_ip_address-query:
description: |
Filter the floating IP list result by the fixed IP address that
is associated with the floating IP address.
in: query
required: false
type: string
floatingip-port_id-query:
description: |
Filter the floating IP list result by the ID of a port associated with
the floating IP.
in: query
required: false
type: string
floatingip-router_id-query:
description: |
Filter the floating IP list result by the ID of the router for the
floating IP.
in: query
required: false
type: string
floatingip-sort_key:
description: |
Sorts by a floatingip attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``fixed_ip_address``
- ``floating_ip_address``
- ``floating_network_id``
- ``id``
- ``router_id``
- ``status``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
floatingip-status-query:
description: |
Filter the floating IP list result by the status of the floating IP.
Values are ``ACTIVE``, ``DOWN`` and ``ERROR``.
in: query
required: false
type: string
host-query:
description: |
Filter the list result by the hostname of the system the agent is running
on.
in: query
required: false
type: string
id-query:
description: |
Filter the list result by the ID of the resource.
in: query
required: false
type: string
internal_port_id-query:
description: |
Filter the list result by the ID of the internal Neutron port.
in: query
required: false
type: string
ip_allocation-query:
description: |
Filter the port list result based on if the ports use ``deferred``,
``immediate`` or no IP allocation (``none``).
in: query
required: false
type: string
ip_version-query:
description: |
Filter the list result by the IP protocol version.
Valid value is ``4`` or ``6``.
in: query
required: false
type: integer
log-sort_key:
description: |
Sorts by a log attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``enabled``
- ``event``
- ``id``
- ``name``
- ``project_id``
- ``resource_id``
- ``resource_type``
- ``target_id``
in: query
required: false
type: string
log_enabled-query:
description: |
Filter the log list result based on this log object is enabled (``true``)
or disabled (``false``).
in: query
required: false
type: boolean
log_event-query:
description: |
Filter the log list result by the type of security events,
which is ``ACCEPT``, ``DROP``, or ``ALL``.
in: query
required: false
type: string
mac_address-query:
description: |
Filter the port list result by the MAC address of the port.
in: query
required: false
type: string
mac_learning_enabled-query:
description: |
Filter the list result by the mac_learning_enabled state of the resource,
which is enabled (``true``) or disabled (``false``).
in: query
required: false
type: boolean
max_burst_kbps-query:
description: |
Filter the list result by the maximum burst size (in kilobits).
in: query
required: false
type: integer
max_kbps-response-query:
description: |
Filter the list result by the maximum KBPS (kilobits per second) value.
in: query
required: false
type: integer
max_prefixlen-query:
description: |
Filter the subnet pool list result by the maximum prefix size that can be
allocated from the subnet pool.
in: query
required: false
type: integer
metering_label-id-query:
description: |
Filter the metering rule list result by the ID of the metering label
associated with this metering rule.
in: query
required: false
type: string
metering_label-sort_key:
description: |
Sorts by a metering label attribute. You can specify multiple pairs of
sort key and sort direction query parameters. The sort keys are limited to:
- ``id``
- ``shared``
- ``name``
- ``description``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
metering_label_rule-direction-query:
description: |
Filter the metering rule list result by the direction in
which the metering rule is applied, which is ``ingress`` or ``egress``.
in: query
required: false
type: string
metering_label_rule-remote_ip_prefix-query:
description: |
Filter the metering rule list result by the remote IP prefix that
the metering rule associates with.
in: query
required: false
type: string
metering_label_rule-sort_key:
description: |
Sorts by a metering label attribute. You can specify multiple pairs of
sort key and sort direction query parameters. The sort keys are limited to:
- ``id``
- ``metering_label_id``
- ``excluded``
- ``remote_ip_prefix``
- ``direction``
in: query
required: false
type: string
min_kbps-query:
description: |
Filter the list result by the minimum KBPS (kilobits per second) value
which should be available for port.
in: query
required: false
type: integer
min_prefixlen-query:
description: |
Filter the subnet pool list result by the smallest prefix that can be
allocated from a subnet pool.
in: query
required: false
type: integer
mtu-query:
description: |
Filter the network list result by the maximum transmission unit (MTU)
value to address fragmentation. Minimum value is ``68`` for IPv4,
and ``1280`` for IPv6.
in: query
required: false
type: integer
name-query:
description: |
Filter the list result by the human-readable name of the resource.
in: query
required: false
type: string
network-name-query:
description: |
Filter the list result by the human-readable name of the network.
in: query
required: false
type: string
network-shared-query:
description: |
Filter the network list result based on if the network is shared across
all tenants.
in: query
required: false
type: boolean
network-sort_key:
description: |
Sorts by a network attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``admin_state_up``
- ``availability_zone_hints``
- ``id``
- ``mtu``
- ``name``
- ``status``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
network-status-query:
description: |
Filter the network list result by network status. Values are ``ACTIVE``,
``DOWN``, ``BUILD`` or ``ERROR``.
in: query
required: false
type: string
network_id-query:
description: |
Filter the list result by the ID of the attached network.
in: query
required: false
type: string
network_ip_availability-network_id-query:
description: |
Filter the list result by the ID of the network whose IP availability
detail is reported.
in: query
required: false
type: string
network_is_default-query:
description: |
Filter the network list result based on if the network is default pool
or not.
in: query
required: false
type: boolean
network_segment_range-name-query:
description: |
Filter the network segment range list result based on the name of the
range.
in: query
required: false
type: string
network_segment_range-network_type-query:
description: |
Filter the list result by the type of physical network that this
network segment range is mapped to. For example, ``vlan``, ``vxlan``, or
``gre``. Valid values depend on a networking back-end.
in: query
required: false
type: string
network_segment_range-physical_network-query:
description: |
Filter the list result by the physical network where this
network segment range is implemented.
in: query
required: false
type: string
network_segment_range-sort_key:
description: |
Sorts by a network segment range attribute. You can specify multiple pairs
of sort key and sort direction query parameters. The sort keys are limited
to:
- ``id``
- ``name``
- ``project_id``
- ``tenant_id``
in: query
required: false
type: string
network_segment_range_id-query:
description: |
Filter the network segment range list result based on the range ID.
in: query
required: false
type: string
not-tags-any-query:
description: |
A list of tags to filter the list result by.
Resources that match any tag in this list will be excluded.
Tags in query must be separated by comma.
in: query
required: false
type: string
not-tags-query:
description: |
A list of tags to filter the list result by.
Resources that match all tags in this list will be excluded.
Tags in query must be separated by comma.
in: query
required: false
type: string
object_id-query:
description: |
Filter the RBAC policy list result by the ID of the ``object_type``
resource. An ``object_type`` of ``network`` returns a network ID,
an ``object_type`` of ``qos-policy`` returns a QoS policy ID, and
an ``object_type`` of ``security-group`` returns a security group ID.
in: query
required: false
type: string
object_type-query:
description: |
Filter the RBAC policy list result by the type of the object that the
RBAC policy affects. Types include ``qos-policy``, ``network``, or
``security-group``.
in: query
required: false
type: string
physical_network-query:
description: |
Filter the list result by the physical network where this
network/segment is implemented.
in: query
required: false
type: string
port-sort_key:
description: |
Sorts by a port attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``admin_state_up``
- ``device_id``
- ``device_owner``
- ``id``
- ``ip_allocation``
- ``mac_address``
- ``name``
- ``network_id``
- ``project_id``
- ``status``
- ``tenant_id``
in: query
required: false
type: string
port-status-query:
description: |
Filter the port list result by the port status.
Values are ``ACTIVE``, ``DOWN``, ``BUILD`` and ``ERROR``.
in: query
required: false
type: string
port_range_max-query:
description: |
Filter the security group rule list result by the maximum port number
in the range that is matched by the security group rule.
in: query
required: false
type: integer
port_range_min-query:
description: |
Filter the security group rule list result by the minimum port number
in the range that is matched by the security group rule.
in: query
required: false
type: integer
project_id-query:
description: |
Filter the list result by the ID of the project that owns the resource.
in: query
required: false
type: string
protocol-query:
description: |
Filter the security group rule list result by the IP protocol.
in: query
required: false
type: string
provider:network_type-query:
description: |
Filter the list result by the type of physical network that this
network/segment is mapped to. For example, ``flat``, ``vlan``, ``vxlan``,
or ``gre``. Valid values depend on a networking back-end.
in: query
required: false
type: string
provider:physical_network-query:
description: |
Filter the list result by the physical network where
this network/segment is implemented.
in: query
required: false
type: string
provider:segmentation_id-query:
description: |
Filter the list result by the ID of the isolated segment
on the physical network.
in: query
required: false
type: integer
qos-rule-direction-query:
description: |
Filter the list result by the direction of the traffic to which the QoS
rule is applied. Valid values are ``egress`` and ``ingress``.
in: query
required: false
type: string
qos-shared-query:
description: |
Filter the QoS policy list result based on whether this policy is shared
across all projects.
in: query
required: false
type: boolean
qos-sort_key:
description: |
Sorts by a QOS policy attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``id``
- ``name``
- ``project_id``
- ``tenant_id``
in: query
required: false
type: string
qos_bandwidth_limit_rule-sort_key:
description: |
Sorts by a bandwidth limit rule attribute. You can specify multiple pairs
of sort key and sort direction query parameters. The sort keys are limited
to:
- ``direction``
- ``id``
- ``max_burst_kbps``
- ``max_kbps``
in: query
required: false
type: string
qos_dscp_marking_rule-sort_key:
description: |
Sorts by a DSCP marking rule attribute. You can specify multiple pairs of
sort key and sort direction query parameters. The sort keys are limited to:
- ``dscp_mark``
- ``id``
in: query
required: false
type: string
qos_is_default-query:
description: |
Filter the QoS policy list result based on whether this policy is the
default policy.
in: query
required: false
type: boolean
qos_minimum_bandwidth_rule-sort_key:
description: |
Sorts by a minimum bandwidth rule attribute. You can specify multiple pairs
of sort key and sort direction query parameters. The sort keys are limited
to:
- ``direction``
- ``id``
- ``min_kbps``
in: query
required: false
type: string
rbac-sort_key:
description: |
Sorts by a RBAC policy attribute. You can specify multiple pairs of sort
key and sort direction query parameters. The sort keys are limited to:
- ``action``
- ``id``
- ``object_id``
- ``target_tenant``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
rbac_action-query:
description: |
Filter the RBAC policy list result by the action for the RBAC policy
which is ``access_as_external`` or ``access_as_shared``.
in: query
required: false
type: string
remote_group_id-query:
description: |
Filter the security group rule list result by the ID of the remote group
that associates with this security group rule.
in: query
required: false
type: string
remote_ip_prefix-query:
description: |
Filter the list result by the remote IP prefix that is matched by
this security group rule.
in: query
required: false
type: string
resource-query:
description: |
Filter the list result by the resource type of the availability zone.
The supported resource types are ``network`` and ``router``.
in: query
required: false
type: string
resource_log_id-query:
description: |
Filter the log list result by the ID of resource (e.g security group ID).
in: query
required: false
type: string
resource_log_type-query:
description: |
Filter the log list result by the resource type such as ``security_group``.
in: query
required: false
type: string
resource_target_log_id-query:
description: |
Filter the log list result by the ID of resource that is the
logging target.
in: query
required: false
type: string
revision_number-query:
description: |
Filter the list result by the revision number of the resource.
in: query
required: false
type: integer
router-sort_key:
description: |
Sorts by a router attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``admin_state_up``
- ``flavor_id``
- ``id``
- ``name``
- ``status``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
router:external-query:
description: |
Filter the network list result based on whether the network has an
external routing facility that's not managed by the networking service.
in: query
required: false
type: boolean
security_group-sort_key:
description: |
Sorts by a security group attribute. You can specify multiple pairs of
sort key and sort direction query parameters. The sort keys are limited to:
- ``id``
- ``name``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
security_group_rule-security_group_id-query:
description: |
Filter the security group rule list result by the ID of the security group
that associates with this security group rule.
in: query
required: false
type: string
security_group_rule-sort_key:
description: |
Sorts by a security group rule attribute. You can specify multiple pairs of
sort key and sort direction query parameters. The sort keys are limited to:
- ``direction``
- ``ethertype``
- ``id``
- ``port_range_max``
- ``port_range_min``
- ``protocol``
- ``remote_group_id``
- ``remote_ip_prefix``
- ``security_group_id``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
segment-sort_key:
description: |
Sorts by a segment attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``id``
- ``name``
- ``network_id``
- ``network_type``
- ``physical_network``
- ``segmentation_id``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
service_profile-driver-query:
description: |
Filter the service profile list result by the driver that this profile
uses.
in: query
required: false
type: string
service_profile-enabled-query:
description: |
Filter the service profile list result based on whether this service
profile is enabled or not.
in: query
required: false
type: boolean
service_profile-sort_key:
description: |
Sorts by a service profile attribute. You can specify multiple pairs of
sort key and sort direction query parameters. The sort keys are limited to:
- ``description``
- ``driver``
- ``enabled``
- ``id``
- ``metainfo``
in: query
required: false
type: string
shared-query:
description: |
Admin-only. Filter the list result based on whether the resource is
shared across all projects.
in: query
required: false
type: boolean
sort_dir:
description: |
Sort direction. A valid value is ``asc`` (ascending) or ``desc``
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
in: query
required: false
type: string
state-query:
description: |
Filter the list result by the state of the availability zone, which is
either ``available`` or ``unavailable``.
in: query
required: false
type: string
subnet-dns_publish_fixed_ip-query:
description: |
Filter the subnet list result based on if ``dns_publish_fixed_ip`` is
enabled or disabled for the subnet.
in: query
required: false
type: boolean
subnet-enable_dhcp-query:
description: |
Filter the subnet list result based on if DHCP is enabled or disabled
for the subnet.
in: query
required: false
type: boolean
subnet-gateway_ip-query:
description: |
Filter the subnet list result by the gateway IP of this subnet.
in: query
required: false
type: string
subnet-ip_version-query:
description: |
Filter the subnet list result by the IP protocol version.
Value is ``4`` or ``6``.
in: query
required: false
type: integer
subnet-ipv6_address_mode-query:
description: |
Filter the subnet list result by the IPv6 address modes specifies
mechanisms for assigning IP addresses.
Value is ``slaac``, ``dhcpv6-stateful``, ``dhcpv6-stateless`` or ``null``.
in: query
required: false
type: string
subnet-ipv6_ra_mode-query:
description: |
Filter the subnet list result by the IPv6 router advertisement specifies
whether the networking service should transmit ICMPv6 packets for a subnet.
Value is ``slaac``, ``dhcpv6-stateful``, ``dhcpv6-stateless`` or ``null``.
in: query
required: false
type: string
subnet-network_id-query:
description: |
Filter the subnet list result by the ID of the network to which
the subnet belongs.
in: query
required: false
type: string
subnet-segment_id-query:
description: |
Filter the subnet list result by the ID of a network segment the subnet
is associated with.
It is available when ``segment`` extension is enabled.
in: query
required: false
type: string
subnet-sort_key:
description: |
Sorts by a subnet attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``cidr``
- ``enable_dhcp``
- ``gateway_ip``
- ``id``
- ``ip_version``
- ``ipv6_address_mode``
- ``ipv6_ra_mode``
- ``name``
- ``network_id``
- ``segment_id``
- ``subnetpool_id``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
subnet-subnetpool_id-query:
description: |
Filter the subnet list result by the ID of the subnet pool associated
with the subnet.
in: query
required: false
type: string
subnetpool-sort_key:
description: |
Sorts by a subnetpool attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``address_scope_id``
- ``default_prefixlen``
- ``default_quota``
- ``id``
- ``ip_version``
- ``is_default``
- ``max_prefixlen``
- ``min_prefixlen``
- ``name``
- ``shared``
- ``tenant_id``
- ``project_id``
in: query
required: false
type: string
subnetpool_is_default-query:
description: |
Filter the subnet pool list result based on if it is a default pool or not.
in: query
required: false
type: boolean
tags-any-query:
description: |
A list of tags to filter the list result by.
Resources that match any tag in this list will be returned.
Tags in query must be separated by comma.
in: query
required: false
type: string
tags-query:
description: |
A list of tags to filter the list result by.
Resources that match all tags in this list will be returned.
Tags in query must be separated by comma.
in: query
required: false
type: string
target_tenant-query:
description: |
Filter the RBAC policy list result by the ID of the tenant to which the
RBAC policy will be enforced.
in: query
required: false
type: string
topic-query:
description: |
Filter the list result by the name of AMQP topic the agent is listening on
such as ``dhcp_agent``.
in: query
required: false
type: string
trunk-sort_key:
description: |
Sorts by a trunk attribute. You can specify multiple pairs of sort key
and sort direction query parameters. The sort keys are limited to:
- ``admin_state_up``
- ``id``
- ``name``
- ``port_id``
- ``project_id``
- ``status``
- ``tenant_id``
in: query
required: false
type: string
trunk-status-query:
description: |
Filter the trunk list result by the status for the trunk. Possible values
are ``ACTIVE``, ``DOWN``, ``BUILD``, ``DEGRADED``, and ``ERROR``.
in: query
required: false
type: string
trunk_port_id-query:
description: |
Filter the trunk list result by the ID of the parent port.
in: query
required: false
type: string
verbose:
description: |
Show detailed information.
in: query
required: false
type: boolean
vlan_transparent-query:
description: |
Filter the network list by the VLAN transparency mode of the network,
which is VLAN transparent (``true``) or not VLAN transparent (``false``).
in: query
required: false
type: boolean
# variables in body
action:
description: |
The action that the API performs on traffic that
matches the firewall rule. Valid value is ``allow`` or ``deny``.
Default is ``deny``.
in: body
required: false
type: string
action-response:
description: |
The action that the API performs on traffic that
matches the firewall rule. Valid value is ``allow``, ``deny`` or ``reject``.
Default is ``deny``.
in: body
required: true
type: string
address:
description: |
The IP address of the member.
format: ipv4
in: body
required: true
type: string
address_scope:
description: |
An ``address scope`` object.
in: body
required: true
type: object
address_scope_id:
description: |
An address scope to assign to the subnet pool.
in: body
required: false
type: object
address_scope_id_body:
description: |
The ID of the address scope.
in: body
required: true
type: string
address_scopes:
description: |
A list of ``address scope`` objects.
in: body
required: true
type: array
admin_state_up:
description: |
The administrative state of the resource, which is
up (``true``) or down (``false``).
in: body
required: true
type: boolean
admin_state_up-request:
description: |
The administrative state of the resource, which is
up (``true``) or down (``false``).
Default is ``true``.
in: body
required: false
type: boolean
admin_state_up_trunk:
description: |
The administrative state of the trunk, which
is up (``true``) or down (``false``).
in: body
required: false
type: boolean
agent:
description: |
An ``agent`` object.
in: body
required: true
type: object
type: string
agent_resources_synced:
description: |
The value ``null`` means no resource view synchronization to Placement
was attempted. ``true`` / ``false`` values signify the success of
the last synchronization attempt. Therefore the relevant resources
in Placement can only be considered up to date if this attribute is
``true``. This attribute is read-only, it is only supposed to be
updated internally, but it is readable for debugging purposes. Not all
agent types track resources via Placement, therefore the value ``null``
does not necessarily means there is an error in the system.
in: body
required: false
type: boolean
agent_type:
description: |
The type of agent such as ``Open vSwitch agent`` or ``DHCP agent``.
in: body
required: true
type: string
agents:
description: |
A list of ``agent`` objects.
in: body
required: true
type: array
alias:
description: |
The alias for the extension. For example,
"FOXNSOX", "os- availability-zone", "os-extended-quotas", "os-
share-unmanage" or "os-used-limits."
in: body
required: true
type: string
alive:
description: |
Indicates the agent is alive and running.
in: body
required: true
type: boolean
allowed_address_pairs:
description: |
A set of zero or more allowed address pair objects each where address pair
object contains an ``ip_address`` and ``mac_address``. While the
``ip_address`` is required, the ``mac_address`` will be taken from the
port if not specified. The value of ``ip_address`` can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
in: body
required: true
type: array
allowed_address_pairs-request:
description: |
A set of zero or more allowed address pair objects each where address pair
object contains an ``ip_address`` and ``mac_address``. While the
``ip_address`` is required, the ``mac_address`` will be taken from the
port if not specified. The value of ``ip_address`` can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
in: body
required: false
type: array
audited:
description: |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
``false``. To audit the policy, explicitly set this attribute to
``true``.
in: body
required: true
type: boolean
auth_algorithm:
description: |
The authentication hash algorithm. Valid values
are ``sha1``, ``sha256``, ``sha384``, ``sha512``.
The default is ``sha1``.
in: body
required: false
type: string
auth_mode:
description: |
The authentication mode. A valid value is
``psk``, which is the default.
in: body
required: false
type: string
availability_zone:
description: |
The availability zone of the agent.
in: body
required: true
type: string
availability_zone_hints:
description: |
The availability zone candidate for the network.
in: body
required: true
type: array
availability_zone_hints-request:
description: |
The availability zone candidate for the network.
in: body
required: false
type: array
availability_zones:
description: |
The availability zone for the network.
in: body
required: true
type: array
availability_zones-list:
description: |
A list of ``availability zone`` objects.
in: body
required: true
type: array
bandwidth_limit_rule:
description: |
A ``bandwidth_limit_rule`` object.
in: body
required: true
type: object
bandwidth_limit_rules:
description: |
A list of bandwidth limit rules associated with
the QoS policy.
in: body
required: true
type: array
bgpvpn:
description: |
A ``bgpvpn`` object represents an MPLS network with which Neutron routers
and/or networks may be associated
in: body
required: true
type: object
bgpvpn-advertise_extra_routes:
description: |
Boolean flag controlling whether or not the routes specified in the
``routes`` attribute of the router will be advertised to the BGPVPN.
in: body
required: true
type: boolean
bgpvpn-advertise_extra_routes-request:
description: |
Boolean flag controlling whether or not the routes specified in the
``routes`` attribute of the router will be advertised to the BGPVPN
(default: true).
in: body
required: false
type: boolean
bgpvpn-advertise_fixed_ips:
description: |
Boolean flag controlling whether or not the fixed IPs of a port will
be advertised to the BGPVPN.
in: body
required: true
type: boolean
bgpvpn-advertise_fixed_ips-request:
description: |
Boolean flag controlling whether or not the fixed IPs of a port will
be advertised to the BGPVPN (default: true).
in: body
required: false
type: boolean
bgpvpn-export_targets:
description: |
Additional Route Targets that will be used for export.
in: body
required: false
type: array
bgpvpn-export_targets-required:
description: |
Additional Route Targets that will be used for export.
in: body
required: true
type: array
bgpvpn-id-body:
description: |
The ID of the BGP VPN.
in: body
required: true
type: string
bgpvpn-import_targets:
description: |
Additional Route Targets that will be imported.
in: body
required: false
type: array
bgpvpn-import_targets-required:
description: |
Additional Route Targets that will be imported.
in: body
required: true
type: array
bgpvpn-local_pref:
description: |
The default BGP LOCAL_PREF of routes that will be advertised to the
BGPVPN (unless overridden per-route).
in: body
required: true
type: integer
bgpvpn-local_pref-request:
description: |
The default BGP LOCAL_PREF of routes that will be advertised to the
BGPVPN (unless overridden per-route). Defaults to ``null``.
in: body
required: false
type: integer
bgpvpn-name:
description: |
The user meaningful name of the BGP VPN.
in: body
required: false
type: string
bgpvpn-name-required:
description: |
The user meaningful name of the BGP VPN.
in: body
required: true
type: string
bgpvpn-network_association:
description: |
A ``network_association`` object represents the binding of a BGP VPN
to a Neutron network.
in: body
required: true
type: object
bgpvpn-network_association_id:
description: |
The ID of an association between a network and a BGP VPN.
in: body
required: true
type: string
bgpvpn-network_associations:
description: |
A list of ``network_association`` objects which represent bindings
of MPLS networks to Neutron networks.
in: body
required: true
type: object
bgpvpn-network_id:
description: |
The ID of a Neutron network with which to associate the BGP VPN.
in: body
required: true
type: string
bgpvpn-networks:
description: |
This read-only list of network IDs reflects the associations defined by
Network association API resources.
in: body
required: false
type: array
bgpvpn-networks-required:
description: |
This read-only list of network IDs reflects the associations defined by
Network association API resources.
in: body
required: true
type: array
bgpvpn-port_association:
description: |
A ``port_association`` object represents the binding of a BGP VPN
to a Neutron port.
in: body
required: true
type: object
bgpvpn-port_association_id:
description: |
The ID of an association between a port and a BGP VPN.
in: body
required: true
type: string
bgpvpn-port_associations:
description: |
A list of ``port_association`` objects which represent bindings
of MPLS networks to Neutron ports.
in: body
required: true
type: array
bgpvpn-port_id:
description: |
The ID of a Neutron port with which to associate the BGP VPN.
in: body
required: true
type: string
bgpvpn-ports:
description: |
This read-only list of port IDs reflects the associations defined by Port
association API resources (only present if the ``bgpvpn-routes-control``
API extension is enabled).
in: body
required: true
type: array
bgpvpn-route_distinguishers:
description: |
List of route distinguisher strings. If this parameter is specified, one
of these RDs will be used to advertise VPN routes.
in: body
required: false
type: array
bgpvpn-route_distinguishers-required:
description: |
List of route distinguisher strings. If this parameter is specified, one
of these RDs will be used to advertise VPN routes.
in: body
required: true
type: array
bgpvpn-route_targets:
description: |
Route Targets that will be both imported and used for export.
in: body
required: false
type: array
bgpvpn-route_targets-required:
description: |
Route Targets that will be both imported and used for export.
in: body
required: true
type: array
bgpvpn-router_association:
description: |
A ``router_association`` object represents the binding of a BGP VPN
to a Neutron router.
in: body
required: true
type: object
bgpvpn-router_association_id:
description: |
The ID of an association between a router and a BGP VPN.
in: body
required: true
type: string
bgpvpn-router_associations:
description: |
A list of ``router_association`` objects which represent bindings
of MPLS networks to Neutron routers.
in: body
required: true
type: object
bgpvpn-router_id:
description: |
The ID of a Neutron router with which to associate the BGP VPN.
in: body
required: true
type: string
bgpvpn-routers:
description: |
This read-only list of router IDs reflects the associations defined by
Router association API resources.
in: body
required: false
type: array
bgpvpn-routers-required:
description: |
This read-only list of router IDs reflects the associations defined by
Router association API resources.
in: body
required: true
type: array
bgpvpn-routes:
description: |
List of routes, each route being a dict with at least a ``type`` key,
which can be ``prefix`` or ``bgpvpn``.
For the ``prefix`` type, the IP prefix (v4 or v6) to advertise
is specified in the ``prefix`` key.
For the ``bgpvpn`` type, the ``bgpvpn_id`` key specifies the BGPVPN from
which routes will be readvertised with the association port as the
nexthop (any route carrying an RT among ``route_targets`` or
``import_targets`` of this BGPVPN, will be re-announced toward the RTs
of the associated BGPVPN (``export_targets`` + ``route_targets``), with
their next-hop/label pointing to this port).
For both types, the ``local_pref`` key can be used to control the
value of the BGP LOCAL_PREF of the routes that will be advertised.
in: body
required: true
type: array
bgpvpn-routes-request:
description: |
List of routes, each route being a dict with at least a ``type`` key,
which can be ``prefix`` or ``bgpvpn``.
For the ``prefix`` type, the IP prefix (v4 or v6) to advertise
is specified in the ``prefix`` key.
For the ``bgpvpn`` type, the ``bgpvpn_id`` key specifies the BGPVPN from
which routes will be readvertised with the association port as the
nexthop (any route carrying an RT among ``route_targets`` or
``import_targets`` of this BGPVPN, will be re-announced toward the RTs
of the associated BGPVPN (``export_targets`` + ``route_targets``), with
their next-hop/label pointing to this port).
For both types, the ``local_pref`` key can be used to control the
value of the BGP LOCAL_PREF of the routes that will be advertised.
in: body
required: false
type: array
bgpvpn-type:
description: |
Selection of the type of VPN and the technology behind it. Allowed
values are ``l2`` or ``l3``. The default is l3. ``l2`` indicates a Layer
2 (i.e. bridged) attachment and ``l3`` indicates a Layer 3 (i.e.
routed) attachment.
in: body
required: false
type: string
bgpvpn-type-required:
description: |
Selection of the type of VPN and the technology behind it. Allowed
values are ``l2`` or ``l3``. The default is l3. ``l2`` indicates a Layer
2 (i.e. bridged) attachment and ``l3`` indicates a Layer 3 (i.e.
routed) attachment.
in: body
required: true
type: string
bgpvpn-vni:
description: |
The globally-assigned VXLAN ``vni`` for the BGP VPN.
in: body
required: false
type: integer
bgpvpn-vni-required:
description: |
The globally-assigned VXLAN ``vni`` for the BGP VPN.
in: body
required: true
type: integer
bgpvpns:
description: |
A list of ``bgpvpn`` objects. Each ``bgpvpn`` object represents an
MPLS network with which Neutron routers and/or networks may be associated
in: body
required: true
type: array
binary:
description: |
The executable command used to start the agent such as
``neutron-openvswitch-agent`` or ``neutron-dhcp-agent``.
in: body
required: true
type: string
binding:host_id:
description: |
The ID of the host where the port resides.
in: body
required: true
type: string
binding:host_id-request:
description: |
The ID of the host where the port resides.
The default is an empty string.
in: body
required: false
type: string
binding:profile:
description: |
A dictionary that enables the application running on the specific host to
pass and receive vif port information specific to the networking back-end.
The networking API does not define a specific format of this field.
in: body
required: true
type: object
binding:profile-request:
description: |
A dictionary that enables the application running on the specific host to
pass and receive vif port information specific to the networking back-end.
The networking API does not define a specific format of this field.
The default is an empty dictionary.
in: body
required: false
type: object
binding:vif_details:
description: |
A dictionary which contains additional information on the port.
Currently the following fields are defined: ``port_filter`` and
``ovs_hybrid_plug``.
``port_filter`` is a boolean indicating the networking service
provides port filtering features such as security group and/or
anti MAC/IP spoofing.
``ovs_hybrid_plug`` is a boolean used to inform an API consumer
like nova that the hybrid plugging strategy for OVS should be used.
in: body
required: true
type: object
binding:vif_type:
description: |
The type of which mechanism is used for the port.
An API consumer like nova can use this to determine an appropriate way to
attach a device (for example an interface of a virtual server) to the port.
Available values currently defined includes
``ovs``, ``bridge``, ``macvtap``, ``hw_veb``, ``hostdev_physical``,
``vhostuser``, ``distributed`` and ``other``.
There are also special values: ``unbound`` and ``binding_failed``.
``unbound`` means the port is
not bound to a networking back-end. ``binding_failed`` means an error
that the port failed to be bound to a networking back-end.
in: body
required: true
type: string
binding:vnic_type:
description: |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are ``normal``, ``macvtap``, ``direct``, ``baremetal``,
``direct-physical``, ``virtio-forwarder`` and ``smart-nic``.
What type of vNIC is actually available depends on deployments.
in: body
required: true
type: string
binding:vnic_type-request:
description: |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are ``normal``, ``macvtap``, ``direct``, ``baremetal``,
``direct-physical``, ``virtio-forwarder`` and ``smart-nic``.
What type of vNIC is actually available depends on deployments.
The default is ``normal``.
in: body
required: false
type: string
cidr:
description: |
The CIDR of the subnet.
in: body
required: true
type: string
configurations:
description: |
An object containing configuration specific key/value pairs; the semantics
of which are determined by the binary name and type.
in: body
required: true
type: object
connection_id-body-response:
description: |
The ID of the IPsec site-to-site connection.
in: body
required: false
type: string
conntrack_helper:
description: |
A router ``conntrack helper`` object.
in: body
required: true
type: object
conntrack_helper_helper-body:
description: |
The netfilter conntrack helper module.
in: body
required: true
type: string
conntrack_helper_helper-update:
description: |
The netfilter conntrack helper module.
in: body
required: false
type: string
conntrack_helper_id-body:
description: |
The ID of the conntrack helper.
in: body
required: true
type: string
conntrack_helper_port-body:
description: |
The network port for the netfilter conntrack target rule.
in: body
required: true
type: integer
conntrack_helper_port-update:
description: |
The network port for the netfilter conntrack target rule.
in: body
required: false
type: integer
conntrack_helper_protocol-body:
description: |
The network protocol for the netfilter conntrack target rule.
in: body
required: true
type: string
conntrack_helper_protocol-update:
description: |
The network protocol for the netfilter conntrack target rule.
in: body
required: false
type: string
conntrack_helpers:
description: |
A list of ``router conntrack helpers`` objects.
in: body
required: true
type: array
created_at_resource:
description: |
Time at which the resource has been created (in UTC ISO8601 format).
in: body
required: true
type: string
data_plane_status:
description: |
Status of the underlying data plane of a port.
in: body
required: true
type: string
data_plane_status-request:
description: |
Status of the underlying data plane of a port.
in: body
required: false
type: string
default:
description: |
Defines whether the provider is the default for
the service type. If this value is ``true``, the provider is the
default. If this value is ``false``, the provider is not the
default.
in: body
required: true
type: boolean
default_prefixlen:
description: |
The size of the prefix to allocate when the
``cidr`` or ``prefixlen`` attributes are omitted when you create
the subnet. Default is ``min_prefixlen``.
in: body
required: false
type: integer
default_quota:
description: |
A per-project quota on the prefix space that can
be allocated from the subnet pool for project subnets. Default is
no quota is enforced on allocations from the subnet pool. For IPv4
subnet pools, ``default_quota`` is measured in units of /32. For
IPv6 subnet pools, ``default_quota`` is measured units of /64. All
projects that use the subnet pool have the same prefix quota
applied.
in: body
required: false
type: integer
description:
description: |
A human-readable description for the resource.
in: body
required: true
type: string
description-request:
description: |
A human-readable description for the resource.
Default is an empty string.
in: body
required: false
type: string
description-request-put:
description: |
A human-readable description for the resource.
in: body
required: false
type: string
description_resource:
description: |
The description for the resource.
in: body
required: true
type: string
destination_firewall_group_id-body-optional:
description: |
The ID of the remote destination firewall group.
in: body
required: false
type: string
destination_firewall_group_id-body-required:
description: |
The ID of the remote destination firewall group.
in: body
required: true
type: string
destination_ip_address:
description: |
The destination IPv4 or IPv6 address or CIDR. No
default.
in: body
required: false
type: string
destination_ip_address-response:
description: |
The destination IPv4 or IPv6 address or CIDR. No
default.
in: body
required: true
type: string
destination_port:
description: |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a ``:`` separated range. For a port range, include both
ends of the range. For example, ``80:90``.
in: body
required: false
type: string
destination_port-response:
description: |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a ``:`` separated range. For a port range, include both
ends of the range. For example, ``80:90``.
in: body
required: true
type: string
device_id:
description: |
The ID of the device that uses this port.
For example, a server instance or a logical router.
in: body
required: true
type: string
device_id-request:
description: |
The ID of the device that uses this port.
For example, a server instance or a logical router.
in: body
required: false
type: string
device_owner:
description: |
The entity type that uses this port.
For example, ``compute:nova`` (server instance), ``network:dhcp``
(DHCP agent) or ``network:router_interface`` (router interface).
in: body
required: true
type: string
device_owner-request:
description: |
The entity type that uses this port.
For example, ``compute:nova`` (server instance), ``network:dhcp``
(DHCP agent) or ``network:router_interface`` (router interface).
in: body
required: false
type: string
direction:
description: |
Ingress or egress, which is the direction in
which the security group rule is applied.
in: body
required: true
type: string
dns_assignment:
description: |
Data assigned to a port by the Networking internal DNS including the
``hostname``, ``ip_address`` and ``fqdn``.
in: body
required: true
type: object
dns_domain:
description: |
A valid DNS domain.
in: body
required: true
type: string
dns_domain-request:
description: |
A valid DNS domain.
in: body
required: false
type: string
dns_name:
description: |
A valid DNS name.
in: body
required: true
type: string
dns_name-request:
description: |
A valid DNS name.
in: body
required: false
type: string
dpd:
description: |
A dictionary with dead peer detection (DPD)
protocol controls.
in: body
required: false
type: object
dscp_mark:
description: |
The DSCP mark value.
in: body
required: false
type: integer
dscp_mark-response:
description: |
The DSCP mark value.
in: body
required: true
type: integer
dscp_marking_rule:
description: |
A ``dscp_marking_rule`` object.
in: body
required: true
type: object
dscp_marking_rules:
description: |
A list of ``dscp_marking_rule`` objects.
in: body
required: true
type: array
egress_firewall_policy_id-body-optional:
description: |
The ID of the egress firewall policy for the firewall group.
in: body
required: false
type: string
egress_firewall_policy_id-body-required:
description: |
The ID of the egress firewall policy for the firewall group.
in: body
required: true
type: string
enabled:
description: |
Set to ``false`` to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is ``true`` or ``false``. Default is ``true``.
in: body
required: false
type: boolean
enabled-body-required:
description: |
Indicates whether this resource is enabled or
disabled.
in: body
required: true
type: boolean
enabled-response:
description: |
Set to ``false`` to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is ``true`` or ``false``. Default is ``true``.
in: body
required: true
type: boolean
encapsulation_mode:
description: |
The encapsulation mode. A valid value is
``tunnel`` or ``transport``. Default is ``tunnel``.
in: body
required: false
type: string
encryption_algorithm:
description: |
The encryption algorithm. A valid value is
``3des``, ``aes-128``, ``aes-192``, ``aes-256``, and so on.
Default is ``aes-128``.
in: body
required: false
type: string
endpoint_group_id-body-response:
description: |
The ID of the VPN endpoint group.
in: body
required: true
type: string
endpoints:
description: |
List of endpoints of the same type, for the
endpoint group. The values will depend on type.
in: body
required: true
type: array
ethertype:
description: |
Must be IPv4 or IPv6, and addresses represented
in CIDR must match the ingress or egress rules.
in: body
required: true
type: string
ethertype-request:
description: |
Must be IPv4 or IPv6, and addresses represented
in CIDR must match the ingress or egress rules.
in: body
required: false
type: string
excluded:
description: |
Indicates whether to count the traffic of a
specific IP address with the ``remote_ip_prefix`` value.
in: body
required: true
type: boolean
excluded-request:
description: |
Indicates whether to count the traffic of a
specific IP address with the ``remote_ip_prefix`` value. Default
is ``false``.
in: body
required: false
type: boolean
expected_codes:
description: |
The list of HTTP status codes expected in
response from the member to declare it healthy. Specify one of the
following values:
- A single value, such as ``200``
- A list, such as ``200, 202``
- A range, such as ``200-204``
The default is 200.
in: body
required: false
type: string
expected_codes-response:
description: |
The list of HTTP status codes expected in
response from the member to declare it healthy. Specify one of the
following values:
- A single value, such as ``200``
- A list, such as ``200, 202``
- A range, such as ``200-204``
The default is 200.
in: body
required: true
type: string
extension:
description: |
An ``extension`` object.
in: body
required: true
type: object
extension-alias-body:
description: |
The alias for the extension. For example "quotas" or
"security-group".
in: body
required: true
type: string
extension-description:
description: |
The human-readable description for the resource.
in: body
required: true
type: string
extension-links:
description: |
List of links related to the extension.
in: body
required: true
type: array
extension-name:
description: |
Human-readable name of the resource.
in: body
required: true
type: string
extension-updated:
description: |
The date and timestamp when the extension was
last updated.
in: body
required: true
type: string
extensions:
description: |
A list of ``extension`` objects.
in: body
required: true
type: array
external_port:
description: |
The TCP/UDP/other protocol port number of the port forwarding's floating IP
address.
in: body
required: true
type: integer
external_port-update:
description: |
The TCP/UDP/other protocol port number of the port forwarding's floating IP
address.
in: body
required: false
type: integer
external_v4_ip:
description: |
Read-only external (public) IPv4 address that is
used for the VPN service. The VPN plugin sets this address if an
IPv4 interface is available.
in: body
required: true
type: string
external_v6_ip:
description: |
Read-only external (public) IPv6 address that is
used for the VPN service. The VPN plugin sets this address if an
IPv6 interface is available.
in: body
required: true
type: string
extra_dhcp_opts:
description: |
A set of zero or more extra DHCP option pairs. An
option pair consists of an option value and name.
in: body
required: true
type: array
extra_dhcp_opts-request:
description: |
A set of zero or more extra DHCP option pairs. An
option pair consists of an option value and name.
in: body
required: false
type: array
fip_port_forwarding:
description: |
A ``floating IP port forwarding`` object.
in: body
required: true
type: object
fip_port_forwarding_id-body:
description: |
The ID of the floating IP port forwarding.
in: body
required: true
type: string
fip_port_forwarding_protocol-body:
description: |
The IP protocol used in the floating IP port forwarding.
in: body
required: true
type: string
fip_port_forwarding_protocol-update:
description: |
The IP protocol used in the floating IP port forwarding.
in: body
required: false
type: string
fip_port_forwardings:
description: |
A list of ``floating IP port forwardings`` objects.
in: body
required: true
type: array
firewall:
description: |
A ``firewall`` object.
in: body
required: true
type: object
firewall-status:
description: |
The status of the firewall service. Values are
``ACTIVE``, ``INACTIVE``, ``ERROR``, ``DOWN``,
``PENDING_CREATE``, ``PENDING_UPDATE``, or ``PENDING_DELETE``.
in: body
required: true
type: string
firewall_group_admin_state_up-body-optional:
description: |
The administrative state of the firewall group, which
is up (``true``) or down (``false``). Default is ``true``.
in: body
required: false
type: boolean
firewall_group_admin_state_up-body-required:
description: |
The administrative state of the firewall group, which
is up (``true``) or down (``false``). Default is ``true``.
in: body
required: true
type: boolean
firewall_group_description-body-optional:
description: |
A human-readable description of the firewall group.
in: body
required: false
type: object
firewall_group_description-body-required:
description: |
A human-readable description of the firewall group.
in: body
required: true
type: object
firewall_group_id-body-required:
description: |
The ID of the firewall group.
in: body
required: true
type: string
firewall_group_name-body-optional:
description: |
A human-readable name for the firewall group.
in: body
required: false
type: string
firewall_group_name-body-required:
description: |
A human-readable name for the firewall group.
in: body
required: true
type: string
firewall_group_object: