NSX Cloud Service Manager API Guide

NSX 2.2.0

Table of Contents

  1. Overview
  2. API Methods
    1. Users and Roles
    2. Api Services
      1. Api Request Batching
      2. Authentication
      3. Task Management
    3. Cloud Service Manager
      1. Accounts Statistics
      2. Aws Accounts
      3. Aws Gateway Amis
      4. Aws Gateways
      5. Aws Key Pairs
      6. Aws Regions
      7. Aws Vpcs
      8. Azure Accounts
      9. Azure Gateways
      10. Azure Regions
      11. Azure Resources
      12. Azure Vnets
      13. Cloud Service Manager
      14. Nsx Manager Accounts
      15. Virtual Machines
    4. Error Resolver
    5. Licensing
    6. Nsx Component Administration
      1. Appliance
      2. Appliance Management
      3. Backup Restore Management
        1. Backup
        2. Restore
      4. Cluster Management
      5. Nsx Administration
      6. Trust Management
        1. Certificate
        2. Crl
        3. Csr
    7. Troubleshooting And Monitoring
      1. System Logs
    8. Upgrade
      1. Bundle
      2. Bundles
      3. Group
      4. History
      5. Nodes
      6. Plan
      7. Status
      8. Upgradeunits
  3. API Types
  4. API Type Schemas
  5. API Errors


Overview

Introduction

NSX Cloud Service Manager provides a programmatic API to automate management activities. The API follows a resource-oriented Representational State Transfer (REST) architecture, using JSON object encoding. Clients interact with the API using RESTful web service calls over the HTTPS protocol.

Each API method is identified by a request method and URI. Method parameters are specified as key-value pairs appended to the URI. Unless otherwise noted, request and response bodies are encoded using JSON, and must conform to the JSON schema associated with each method. The content type of each request and reply is "application/json" unless otherwise specified. Each request that can be made is documented in the API Methods section. The associated request and response body schemas are documented in the API Schemas section.

Some APIs may be marked as deprecated. This indicates that the functionality provided by the API has been removed or replaced with a different API. The description of the API will indicate what API(s) to call instead.

Some APIs may be marked as experimental. This indicates that the API may be changed or removed without notice in a future NSX Cloud Service Manager release.

It is possible for any request to fail. Errors are reported using standard HTTP response codes. It should be assumed the following errors could be returned by any API method: 301 Moved Permanently, 307 Temporary Redirect, 400 Bad Request, 401 Unauthorized, 403 Forbidden, 500 Internal Server Error, 503 Service Unavailable. Where other errors may be returned, the type of error is indicated in the API method description. All errors are documented in the API Errors section.

Request Authentication

Most API calls require authentication. This API supports HTTP Basic authentication and session-based authentication schemes. Multiple authentication schemes may not be used concurrently.

HTTP Basic Authentication

To authenticate a request using HTTP Basic authentication, the caller's credentials are passed using the 'Authorization' header. The header content should consist of a base64-encoded string containing the username and password separated by a single colon (":") character, as specified in RFC 1945 section 11.1.

For example, to authenticate a request using the default credentials of user admin with password admin, include the following header with the request:

Authorization: Basic YWRtaW46YWRtaW4=

The following cURL command will authenticate to the manager using basic authentication and will issue a GET request for logical ports:

curl -k -u USERNAME:PASSWORD https://MANAGER/api/v1/logical-ports

where:
USERNAME is the user to authenticate as,
PASSWORD is the password to provide, and
MANAGER is the IP address or host name of the NSX manager

For example:

curl -k -u admin:secretPw99 https://192.168.22.32/api/v1/logical-ports

Note: the -k argument instructs cURL to skip verifying the manager's self-signed X.509 certificate.

Session-Based Authentication

Session-based authentication is used by calling the /api/session/create authentication API to manage a session cookie. The session cookie returned in the result of a successful login must be provided in subsequent requests in order to associate those requests with the session.

Session state is local to the server responding to the API request. Idle sessions will automatically time-out, or can be terminated immediately using the POST /api/session/destroy API.

To obtain a session cookie, POST form data to the server using the application/x-ww-form-urlencoded media type, with fields "j_username" and "j_password" containing the username and password separated by an ampersand. Since an ampersand is a UNIX shell metacharacter, you may need to surround the argument with single quotes.

The following cURL command will authenticate to the server, will deposit the session cookie in the file "cookies.txt", and will write all HTTP response headers to the file headers.txt. One of these headers is the X-XSRF-TOKEN header that you will need to provide in subsequent requests.

curl -k -c cookies.txt -D headers.txt -X POST -d 'j_username=USERNAME&j_password=PASSWORD' https://MANAGER/api/session/create

For example:

curl -k -c cookies.txt -D headers.txt -X POST -d 'j_username=admin&j_password=secretPw99' https://192.168.22.32/api/session/create

The manager will respond with the roles and permissions granted to the user, and cURL will deposit the session cookie into the file "cookies.txt".

In subsequent cURL requests, use the -b argument to specify the cookie file. You also need to pass the X-XSRF-TOKEN header that was saved to the headers.txt file, using cURL's -H option:

curl -k -b cookies.txt -H "`grep X-XSRF-TOKEN headers.txt`" https://192.168.22.32/api/v1/logical-ports

When the session expires, the manager will respond with a 403 Forbidden HTTP response, at which point you must obtain a new session cookie and X-XSRF-TOKEN.

Session cookies can be destroyed by using the /api/session/destroy API:

curl -k -b cookies.txt -H "`grep X-XSRF-TOKEN headers.txt`" -X POST https://MANAGER/api/session/destroy

Example Requests and Responses

Example requests and responses are provided for most of the API calls below. Your actual response might differ from the example in the number of fields returned because optional empty fields are not returned when you make an API call.

Restrictions on Certain Fields in a Request

When configuring layer 2 switching, the following fields can contain any character except semicolon (;), vertical bar (|), equal sign (=), comma (,), tilde (~), and the "at" sign (@). They also have a length limitation as specified below:

OpenAPI Specification of NSX Cloud Service Manager API

You can get an OpenAPI specification of the NSX Cloud Service Manager API with one of the following calls:



API Methods

Toggle all tables +

Users and Roles

Associated URIs:

Create registration access token

The privileges of the registration token will be the same as the caller. Request:
Method:
POST
URI Path:
/csmapi/api/v1/aaa/registration-token
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/aaa/registration-token Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RegistrationToken+

Example Response: { "token": "e9112e46-a54a-486f-82bb-043b89228c1b", "roles":[ "network_engineer" ] } Required Permissions: crud Additional Errors:

Get registration access token

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/registration-token/<token>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/registration-token/e9112e46-a54a-486f-82bb-043b89228c1b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RegistrationToken+

Example Response: { "token": "e9112e46-a54a-486f-82bb-043b89228c1b", "roles": [ "network_engineer" ] } Required Permissions: read Additional Errors:

Delete registration access token

Request:
Method:
DELETE
URI Path:
/csmapi/api/v1/aaa/registration-token/<token>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/aaa/registration-token/e9112e46-a54a-486f-82bb-043b89228c1b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Additional Errors:

Assign roles to User or Group

Request:
Method:
POST
URI Path:
/csmapi/api/v1/aaa/role-bindings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RoleBinding+

Example Request: POST https://<nsx-mgr>/api/v1/aaa/role-bindings { "name": "local_admin@System Domain", "type": "remote_user", "roles":[ { "role": "auditor" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "auditor" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: users_role_assignments Additional Errors:

Get all users and groups with their roles

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/role-bindings
Request Headers:
n/a
Query Parameters:
RoleBindingRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/role-bindings?page_size=1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBindingListResult+

Example Response: { "sort_ascending": true, "sort_by": "id", "result_count": 2, "results": [ { "resource_type": "RoleBinding", "description": "", "id": "0395447b-480a-4091-9075-4070138e0cee", "display_name": "rt-group1", "tags": [], "roles": [ { "role": "auditor" } ], "name": "rt-group1", "type": "remote_group", "_create_user": "admin", "_create_time": 1493963048438, "_last_modified_user": "admin", "_last_modified_time": 1493963048438, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Update User or Group's roles

Request:
Method:
PUT
URI Path:
/csmapi/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RoleBinding+

Example Request: PUT https://<nsx-mgr>/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g { "name": "local_admin@System Domain", "type": "remote_user", "_revision": 0, "roles":[ { "role": "enterprise_admin" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: users_role_assignments Additional Errors:

Get user/group's role information

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: users_role_assignments Additional Errors:

Delete user/group's roles assignment

Request:
Method:
DELETE
URI Path:
/csmapi/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: users_role_assignments Additional Errors:

Get information about all roles

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/roles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/roles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleListResult+

Example Response: { "results": [ { "role": "enterprise_admin" }, { "role": "security_op" }, { "role": "auditor" }, { "role": "security_engineer" }, { "role": "network_op" }, { "role": "network_engineer" } ] } Required Permissions: read Feature: users_configuration Additional Errors:

Get role information

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/roles/<role>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/roles/auditor Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleWithFeatures+

Example Response: { "role": "auditor", "features": [ { "feature": "groups_ip_sets", "permission": "read" }, { "feature": "groups_mac_sets", "permission": "read" }, { "feature": "groups_ip_pools", "permission": "read" }, { "feature": "groups", "permission": "read" }, { "feature": "services", "permission": "read" } ] } Required Permissions: read Feature: users_configuration Additional Errors:

Get information about logged-in user. The permissions parameter of the NsxRole has been deprecated.

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/user-info
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/user-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UserInfo+

Example Response: { "user_name": "admin", "roles": [ { "role": "enterprise_admin" } ] } Required Permissions: none Feature: users_configuration Additional Errors:

Get all the User Groups where vIDM display name matches the search key case insensitively. The search key is checked to be a substring of display name. This is a non paginated API.

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/vidm/groups
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/vidm/groups?search_string=clay_group Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 3, "results": [ { "name": "clay_group_EA@testad2.local", "type": "remote_group", "display_name": "clay_group_EA@testad2.local" }, { "name": "clay_group_SE@testad2.local", "type": "remote_group", "display_name": "clay_group_SE@testad2.local" }, { "name": "clay_group_AU@testad2.local", "type": "remote_group", "display_name": "clay_group_AU@testad2.local" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Get all the users and groups from vIDM matching the search key case insensitively. The search key is checked to be a substring of name or given name or family name of user and display name of group. This is a non paginated API.

Request:
Method:
POST
URI Path:
/csmapi/api/v1/aaa/vidm/search
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/aaa/vidm/search?search_string=John Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 3, "results": [ { "name": "John_doe@testad2.local", "type": "remote_user", "display_name": "John Doe" }, { "name": "Johnd@testad2.local", "type": "remote_user", "display_name": "John Roe" }, { "name": "Johns_group@testad2.local", "type": "remote_group", "display_name": "John's Group" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Get all the users from vIDM whose userName, givenName or familyName matches the search key case insensitively. The search key is checked to be a substring of name or given name or family name. This is a non paginated API.

Request:
Method:
GET
URI Path:
/csmapi/api/v1/aaa/vidm/users
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/vidm/users?search_string=John Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 2, "results": [ { "name": "John_doe@testad2.local", "type": "remote_user", "display_name": "John Doe" }, { "name": "John_roe@testad2.local", "type": "remote_user", "display_name": "John Roe" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Api Services

Api Services: Api Request Batching

Associated URIs:

Register a Collection of API Calls at a Single End Point

Enables you to make multiple API requests using a single request. The batch
API takes in an array of logical HTTP requests represented as JSON arrays.
Each request has a method (GET, PUT, POST, or DELETE), a relative_url (the
portion of the URL after https://<nsx-mgr>/api/), optional headers
array (corresponding to HTTP headers) and an optional body (for POST and PUT
requests). The batch API returns an array of logical HTTP responses
represented as JSON arrays. Each response has a status code, an optional
headers array and an optional body (which is a JSON-encoded string).
Request:
Method:
POST
URI Path:
/csmapi/api/v1/batch
Request Headers:
n/a
Query Parameters:
BatchParameter+
Request Body:
BatchRequest+

Example Request: POST https://<nsx-mgr>/api/v1/batch { "requests":[ { "method":"POST", "uri":"/v1/switching-profiles", "body": { "resource_type": "SpoofGuardSwitchingProfile", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": ["LSWITCH_BINDINGS"] } }, { "method":"GET", "uri":"/v1/switching-profiles" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BatchResponse+

Example Response: { "results": [ { "body": { "revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "code": 201, "body": { "resource_type": "SpoofGuardSwitchingProfile", "id": "02d866d7-495c-47f4-b945-61a8559219b9", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458772318447, "_create_time": 1458772318447, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } }, { "code": 200, "body": { "cursor": "00361b53de57-0313-4f3d-b494-635c58b1d986spoof-guard-lswitch-bindings", "result_count": 4, "results": [ { "_revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "resource_type": "QosSwitchingProfile", "description": "", "id": "7f39bf67-ccf5-4613-8993-506ec89d893a", "display_name": "TT", "tags": [], "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configuration": [ { "resource_type": "IngressRateShaper", "enabled": false, "average_bandwidth_mbps": 0, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0 }, { "resource_type": "IngressBroadcastRateShaper", "enabled": false, "burst_size_bytes": 0, "peak_bandwidth_kbps": 0, "average_bandwidth_kbps": 0 }, { "resource_type": "EgressRateShaper", "enabled": false, "average_bandwidth_mbps": 0, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0 } ], "class_of_service": 2, "_last_modified_time": 1457999948761, "_create_time": 1457999948761, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_last_modified_user": "admin" }, "code": 201 }, { "body": { "result_count": 9, "results": [ { "resource_type": "IpfixSwitchingProfile", "revision": 0, "id": "cb317635-939b-430a-ae50-005fc4c6ac14", "display_name": "nsx-default-ipfix-global-profile", "enabled": false, "_last_modified_time": 1413324646801, "_create_time": 1413324646801, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "QosSwitchingProfile", "revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "system_defined": false, "dscp": { "priority": 1, "mode": "UNTRUSTED" }, "burst_size": 20, "class_of_service": 1, "peak_bandwidth": 400, "average_bandwidth": 200, "_last_modified_time": 1413349096169, "_create_time": 1413349096169, "_create_user": "admin", "_last_modified_user": "admin" }, { "resource_type": "IpDiscoverySwitchingProfile", "revision": 0, "id": "64814784-7896-3901-9741-badeff705639", "display_name": "nsx-default-ip-discovery-overlay-profile", "system_defined": true, "arp_snooping_enabled": true, "dhcp_snooping_enabled": true, "_last_modified_time": 1413324646789, "_create_time": 1413324646789, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "IpDiscoverySwitchingProfile", "revision": 0, "id": "64814874-6987-1093-1479-badeff705639", "display_name": "nsx-default-ip-discovery-vlan-profile", "system_defined": true, "arp_snooping_enabled": false, "dhcp_snooping_enabled": false, "_last_modified_time": 1413324646800, "_create_time": 1413324646800, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "QosSwitchingProfile", "revision": 0, "id": "f313290b-eba8-4262-bd93-fab5026e9495", "display_name": "nsx-default-qos-switching-profile", "system_defined": true, "dscp": { "priority": 0, "mode": "TRUSTED" }, "burst_size": 0, "class_of_service": 0, "peak_bandwidth": 0, "average_bandwidth": 0, "_last_modified_time": 1413324646729, "_create_time": 1413324646729, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "PortMirroringSwitchingProfile", "revision": 1, "id": "93b4b7e8-f116-415d-a50c-3364611b5d09", "display_name": "nsx-default-port-mirroring-profile", "system_defined": false, "direction": "INGRESS", "_last_modified_time": 1413345541673, "_create_time": 1413324646767, "_create_user": "system", "_last_modified_user": "admin" } ] }, "code": 200 "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "ff45644f-9dda-4970-b1e3-30ac11ff0582", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458754361177, "_create_time": 1458754361177, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "02d866d7-495c-47f4-b945-61a8559219b9", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458772318447, "_create_time": 1458772318447, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "1b53de57-0313-4f3d-b494-635c58b1d986", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458754382102, "_create_time": 1458754382102, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } ] } } Required Permissions: none Additional Errors:

Api Services: Authentication

Associated URIs:

Read node authentication policy configuration

Returns information about the currently configured authentication
policies on the node.
Request:
Method:
GET
URI Path:
/api/v1/node/aaa/auth-policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/aaa/auth-policy Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Example Response: { "_schema": "AuthenticationPolicyProperties", "_self": { "href": "/node/aaa/auth-policy", "rel": "self" }, "api_failed_auth_lockout_period": 900, "api_failed_auth_reset_period": 900, "api_max_auth_failures": 5, "cli_failed_auth_lockout_period": 900, "cli_max_auth_failures": 5, "minimum_password_length": 8 } Required Permissions: read Feature: system_administration Additional Errors:

Update node authentication policy configuration

Update the currently configured authentication policy on the node.
If any of api_max_auth_failures, api_failed_auth_reset_period, or
api_failed_auth_lockout_period are modified, the http service is
automatically restarted.
Request:
Method:
PUT
URI Path:
/api/v1/node/aaa/auth-policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AuthenticationPolicyProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/aaa/auth-policy { "minimum_password_length": 12 } Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Example Response: { "minimum_password_length": 12 } Required Permissions: crud Feature: system_administration Additional Errors:

Api Services: Task Management

Associated URIs:

Get information about all tasks

Request:
Method:
GET
URI Path:
/csmapi/api/v1/tasks
Request Headers:
n/a
Query Parameters:
TaskQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TaskListResult+

Example Response: { "result_count" : 1, "results" : [ { "start_time" : 1478646470253, "async_response_available" : true, "cancelable" : false, "end_time" : 1478646470344, "progress" : 100, "id" : "59c7d6c8-7d64-4f0e-8af5-0b5e92bc3330", "user" : "admin", "status" : "SUCCESS" } ] } Required Permissions: read Additional Errors:

Get information about the specified task

Request:
Method:
GET
URI Path:
/csmapi/api/v1/tasks/<task-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks/ab265781-c826-4da7-9487-48a5c713a481 Successful Response:
Response Code:
200 OK, 303 See Other
Response Headers:
Content-type: application/json
Response Body:
TaskProperties+

Example Response: { "progress" : 100, "id" : "ab265781-c826-4da7-9487-48a5c713a481", "end_time" : 1416959364977, "status" : "success", "async_response_available" : false, "cancelable" : false, "start_time" : 1416959362874 } Required Permissions: read Additional Errors:

Get the response of a task

Request:
Method:
GET
URI Path:
/csmapi/api/v1/tasks/<task-id>/response
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks59c7d6c8-7d64-4f0e-8af5-0b5e92bc3330/response Successful Response:
Response Code:
200 OK, 303 See Other
Response Headers:
Content-type: application/json
Response Body:
object

Example Response: { "cursor" : "", "sort_ascending" : true, "sort_by" : "displayName", "result_count" : 0, "results" : [ ] } Required Permissions: read Additional Errors:

Cloud Service Manager

Cloud Service Manager: Accounts Statistics

Associated URIs:

Returns statistics for all Accounts

Returns statistics aggregated over all accounts managed by CSM.
Request:
Method:
GET
URI Path:
/api/v1/csm/accounts/statistics
Request Headers:
n/a
Query Parameters:
AllAccountsStatisticsRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/accounts/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AllAccountsStatisticsListResult+

Example Response: { "results": [ { "resource_type": "AWS", "accounts_count": 3, "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4 }, { "resource_type": "AZURE", "accounts_count": 2, "instance_stats": { "managed": 42, "unmanaged": 25, "error": 3 }, "vnet_stats": { "managed": 2, "unmanaged": 1 }, "regions_count": 5 } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Aws Accounts

Associated URIs:

Add a AWS account to cloud serivce manager

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/accounts { "display_name": "Account ABC", "cloud_type": "AWS", "cloud_tags_enabled" : true, "tenant_id": "123", "auth_mechanism_iam": true, "iam_role_arn": "arn:aws:iam::567455182647:role/csm_aas_test", "gateway_role_name": "GatewayInstanceProfile", "external_id": "vmw-csm-1234" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_mechanism_iam": true, "instance_stats": { "managed": 0, "unmanaged": 0, "error": 0 }, "vpc_stats": { "managed": 0, "unmanged": 0 }, "regions_count": 0, "status": { "inventory_sync_status": "IN_PROGRESS", "inventory_sync_state": "SYNCING_AWS_REGIONS" } } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Return a list of all AWS accounts

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts
Request Headers:
n/a
Query Parameters:
AwsAccountsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts?region_id=us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccountsListResult+

Example Response: { "all_accounts_vpc_stats": { "managed": 2, "unmanaged": 4 }, "all_accounts_instance_stats": { "managed": 12, "unmanaged": 22, "error": 1 } } Required Permissions: read Feature: cloud_accounts Additional Errors:

Delete AWS account information

Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/accounts/d02af61a-e212-486e-b6c8-10462ccfbad6 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Update a AWS account information

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/accounts/9174ffd1-41b1-42d6-a28d-05c61a0698e2 { "display_name": "New Name", "cloud_type": "AWS" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "New Name", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_mechanism_iam": false, "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4, "status": { "inventory_sync_status": "SYNCED", "inventory_sync_state": "NOT_APPLICABLE", "credentials_status": "VALID" } } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns the details of the particular AWS account

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts/9174ffd1-41b1-42d6-a28d-05c61a0698e2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_mechanism_iam": false, "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4, "status": { "inventory_sync_status": "SYNCED", "inventory_sync_state": "NOT_APPLICABLE", "credentials_status": "VALID" } } Required Permissions: read Feature: cloud_accounts Additional Errors:

Return status of the account like credentials validity, inventory synchronization status and inventory synchronization state

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts/<account-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts/ d02af61a-e212-486e-b6c8-10462ccfbad6/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccountStatus+

Example Response: { "inventory_sync_status": "IN_PROGRESS", "inventory_sync_state": "SYNCING_AWS_VPCS", "credentials_status": "VALID" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Synchronizes Aws account related inventory like Regions, Vpcs, Instances Status of inventory synchronization can be known from Aws account status api

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/accounts/<account-id>?action=sync_inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/accounts/ d02af61a-e212-486e-b6c8-10462ccfbad6?action=sync_inventory Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Aws Gateway Amis

Associated URIs:

Returns a list of Aws Gateway Amis

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateway-amis
Request Headers:
n/a
Query Parameters:
AwsGatewayAmisListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateway-amis/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmisListResult+

Example Response: { "results": [ { "region_id": "us-west-1", "ami_id": "ami-789", "_protection": "NOT_PROTECTED", "_revision": 0 }, { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: ami_region_mapping Additional Errors:

Registers a AWS Gateway AMI for the region specified in the body. One can register only one gateway AMI ID per region. If a gateway AMI is already registered with a region, user is expected to use update API to overwrite the registerd AMI for a region.

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateway-amis
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayAmiInfo+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateway-amis { "region_id": "us-west-2", "ami_id": "ami-123" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: ami_region_mapping Additional Errors:

Delete a AWS Gateway AMI

Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: ami_region_mapping Additional Errors:

Returns AWS Gateway AMI for a particular region

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: ami_region_mapping Additional Errors:

Update a AWS Gateway AMI

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayAmiInfo+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 { "region_id": "us-west-2", "ami_id": "ami-456", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: ami_region_mapping Additional Errors:

Cloud Service Manager: Aws Gateways

Associated URIs:

Returns configuration information for all gateways

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways
Request Headers:
n/a
Query Parameters:
AwsGatewaysListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewaysListResult+

Example Response: { "results": [ { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" }, { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-1b", "uplink_subnet": "subnet-5b1e124h", "management_subnet": "subnet-a1e128t", "downlink_subnet": "subnet-141e1266", "gateway_ha_index": 0 }, { "availability_zone": "us-west-1a", "uplink_subnet": "subnet-7b1e932d", "management_subnet": "subnet-w1e128h", "downlink_subnet": "subnet-a41e1264", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": true, "nsx_manager_connection": "PRIVATE_IP", "ami_id": "ami-456", "key_pair_name": "test-key", "is_ha_enabled": true }, "vpc_id": "vpc-d76nfie6" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns configuration for primary gateway and secondary gateway for the vpc,if exists.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: read Feature: gateway_deployment Additional Errors:

Updates configuration for primary gateway and secondary gateway for the vpc, if exists.

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayDeployConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234 { "configuration": { "default_quarantine_policy_enabled": true, "is_ha_enabled": false }, "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "vpc_id": "vpc-c35dbaa4" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": true, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Returns status information for primary gateway and secondary gateway for the vpc, if exists.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayStatus+

Example Response: { "gateway_instances_status": [ { "gateway_status": "DEPLOYING", "gateway_instance_id": "i-176", "gateway_ha_index": 0, "deployment_status": 80, "deployment_state": "CONFIGURING_GATEWAY", "gateway_name": "nsxc-gw-vpc-c35dbaa4-preferred-active" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Deploys gateway for the specified VPC

All the required configuration to deploy AWS gateways will be absorbed
as a part of request body in this API and gateway deployment will be
triggered. Deployment progress can be known from GetAwsGatewayStatus API.
Upon successful deployment of a gateway, the deployment_step will be
DEPLOYMENT_SUCCESSFUL and gateway_status will be UP. If any error is
encountered during deployment, corresponding error_code and error_message
will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateways?action=deploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayDeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateways?action=deploy { "configuration": { "ami_id": "ami-123", "nsx_manager_connection": "PUBLIC_IP", "default_quarantine_policy_enabled": false, "key_pair_name": "test-key", "is_ha_enabled": false, "gateway_ha_configuration": [{ "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "downlink_subnet": "subnet-041e1260", "management_subnet": "subnet-ea1e128e", "gateway_ha_index": 0 }]}, "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "vpc_id": "vpc-c35dbaa4" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: crud Feature: gateway_deployment Additional Errors:

Undeploys gateway for the specified VPC

All the required configuration to undeploy AWS gateway will be absorbed
as a part of request body in this API and gateway undeployment will be
triggered. Undeployment progress can be known from GetAwsGatewayStatus
API. Upon successful undeployment of a gateway, the deployment_step will be
UNDEPLOYMENT_SUCCESSFUL and gateway_status will be NOT_AVAILABLE. If any
error is encountered during undeployment, corresponding error_code and
error_message will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateways?action=undeploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayUndeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateways?action=undeploy { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "instance_id": "i-0c2ab8e25221bcf7c" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Cloud Service Manager: Aws Key Pairs

Associated URIs:

Returns a list of Aws Key Pairs

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/key-pairs
Request Headers:
n/a
Query Parameters:
AwsKeyPairListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/key-pairs? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=ap-southeast-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsKeyPairList+

Example Response: { "results": [ { "name": "test-key-1" }, { "name": "test-key-2" }, { "name": "test-key-3" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of subnets

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/subnets
Request Headers:
n/a
Query Parameters:
AwsSubnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/subnets? account_id=7324800c-a41a-4cb4-b988-51fa3d093397& region_name=us-west-2&vpc_id=vpc-c35dbaa4&availability_zone_name=us-west-2a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsSubnetListResult+

Example Response: { "results": [ { "display_name": "test-subnet-3", "availability_zone": "us-west-2a", "cidr": "10.0.3.0/24", "id": "subnet-ea1e128e" }, { "display_name": "test-subnet-2", "availability_zone": "us-west-2a", "cidr": "10.0.2.0/24", "id": "subnet-041e1260" }, { "display_name": "test-subnet-1", "availability_zone": "us-west-2a", "cidr": "10.0.1.0/24", "id": "subnet-4b1e122f" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Aws Regions

Associated URIs:

Returns a list of Aws regions

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/regions
Request Headers:
n/a
Query Parameters:
AwsRegionsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/regions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsRegionsListResult+

Example Response: { "cursor": "000214", "sort_ascending": true, "result_count": 2, "results": [ { "id": "us-west-2", "display_name": "us-west-2", "vpc_stats": { "managed": 5, "unmanaged": 7 }, "gateway_stats": { "deploying": 1, "up": 4, "down": 1 }, "availability_zones": [ { "id": "us-west-2a", "display_name": "us-west-2a" }, { "id": "us-west-2b", "display_name": "us-west-2b" }, { "id": "us-west-2c", "display_name": "us-west-2c" } ], "instance_stats": { "managed": 21, "unmanaged": 32, "error": 1 } }, { "id": "ap-south-1", "display_name": "ap-south-1", "vpc_stats": { "managed": 0, "unmanaged": 0 }, "gateway_stats": { "deploying": 0, "up": 0, "down": 0 }, "availability_zones": [ { "id": "ap-south-1b", "display_name": "ap-south-1b" }, { "id": "ap-south-1a", "display_name": "ap-south-1a" } ], "instance_stats": { "managed": 0, "unmanaged": 0, "error": 0 } } } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about the particular Aws Region

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/regions/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/regions/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsRegion+

Example Response: { "id": "us-west-2", "display_name": "us-west-2", "vpc_stats": { "managed": 5, "unmanaged": 7 }, "gateway_stats": { "deploying": 1, "up": 4, "down": 1 }, "availability_zones": [ { "id": "us-west-2a", "display_name": "us-west-2a" }, { "id": "us-west-2b", "display_name": "us-west-2b" }, { "id": "us-west-2c", "display_name": "us-west-2c" } ], "instance_stats": { "managed": 21, "unmanaged": 32, "error": 1 } } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Aws Vpcs

Associated URIs:

Returns a list of Vpcs. Support optional query parameters like account_id, region_id, cidr and/or op_status

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs
Request Headers:
n/a
Query Parameters:
AwsVpcListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVpcListResult+

Example Response: { "cursor": "0003147", "sort_ascending": true, "result_count": 2, "results": [ { "id": "vpc-1", "display_name": "VPC Abc", "is_management_vpc": false, "region_id": "us-east-1", "cidr": "172.31.0.0/16", "instance_stats": { "managed": 0, "unmanaged": 21, "error": 0 }, "op_status": "NSX_UNMANAGED" }, { "id": "vpc-c35dbaa4", "display_name": "VPC Def", "is_management_vpc": true, "transport_zones": [ { "is_underlay_transport_zone": false, "logical_switches": [ { "is_default_logical_switch": false, "instances_count": 0, "nsx_switch_tag": "cd1f2633-e67e-46bd-b546-0dc26a07c56b#8uNQpU1EWLcVjXKHr6ga7axvYBnf2Dwc+I+Js3DEhi4=", "logical_switch_display_name": "DefaultSwitch-Overlay-CSM-vpc-c35dbaa4", "logical_switch_id": "cd1f2633-e67e-46bd-b546-0dc26a07c56b" } ], "transport_zone_id": "d4ccc56a-ab51-4059-b3fb-9af3719b6f51", "transport_zone_display_name": "CSM-vpc-c35dbaa4-Overlay" }, { "is_underlay_transport_zone": true, "logical_switches": [ { "is_default_logical_switch": true, "instances_count": 0, "nsx_switch_tag": "default", "logical_switch_display_name": "DefaultSwitch-VLAN-CSM-vpc-c35dbaa4", "logical_switch_id": "1711f8db-95b8-4df8-bba6-dcac63b08b38" } ], "transport_zone_id": "870fb686-7d42-48c4-9189-8997b4f2df21", "transport_zone_display_name": "CSM-vpc-c35dbaa4-VLAN" } ], "region_id": "us-west-2", "cidr": "10.0.0.0/16", "instance_stats": { "managed": 1, "unmanaged": 4, "error": 0 }, "op_status": "NSX_MANAGED", "gateway_info": { "configuration": { "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-649e0b04", "is_ha_enabled": false }, "gateway_status": { "gateway_cluster_id": "b8ab1a4b-3d85-4a84-b92d-eacdc4402528", "gateway_instances_status": [ { "gateway_tn_id": "ef900bfc-1303-11e7-8cf5-021fa9379409", "gateway_node_id": "ef900bfc-1303-11e7-8cf5-021fa9379409", "gateway_status": "UP", "gateway_instance_id": "i-0b62834659a30fc21", "gateway_ha_index": 0, "deployment_state": "DEPLOYMENT_SUCCESSFUL", "gateway_name": "nsx-gw-vpc-c35dbaa4-preferred-active" } ] } } } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns Vpc information

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs/vpc-ccfe44ab Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVpc+

Example Response: { "id": "vpc-ccfe44ab", "display_name": "VPC Abc, "is_management_vpc": false, "region_id": "us-west-2", "cidr": "50.0.0.0/16", "instance_stats": { "managed": 0, "unmanaged": 1, "error": 0 }, "op_status": "NSX_UNMANAGED" } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Accounts

Associated URIs:

Returns a list of Azure accounts

Returns a list of Azure accounts with information about each account like
status and statistics. Optional query parameters can be utilized to filter
the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccountsListResult+

Example Response: { "cursor" : "00011", "sort_ascending" : true, "result_count" : 1, "results" : [ { "id" : "28984eef-d296-4a40-979e", "display_name" : "Account ABC", "tenant_id" : "123", "cloud_type" : "AZURE", "cloud_tags_enabled" : true, "instance_stats" : { "total" : 92, "managed" : 0, "unmanaged" : 82, "error" : 0, "powered_off" : 10 }, "auth_method" : "CREDENTIALS", "credentials" : { "tenant_id" : "123", "subscription_id" : "456", "client_id" : "789" }, "vnet_stats" : { "managed" : 1, "unmanaged" : 42 }, "regions_count" : 2, "status" : { "inventory_sync_status" : "SYNCED", "credentials_status" : "VALID", "inventory_sync_step" : "NOT_APPLICABLE" }, "has_managed_vnet" : true, "_protection": "NOT_PROTECTED" } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Add a Azure account to cloud serivce manager

This api adds a Azure account to cloud service manager. Have to pass
one of the authorization methods in auth_method property as part of
request body followed by appropriate data.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/accounts { "cloud_type":"AZURE", "regions_count":"", "auth_method":"CREDENTIALS", "display_name": "Account ABC", "credentials":{ "client_id":"789", "key":"012", "subscription_id":"456", "tenant_id":"123" }, "has_managed_vnet":false, "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Update a Azure account information

This api updates a Azure account which is added to cloud service manager.
Have to pass one of the authorization methods in auth_method property as part of
request body followed by appropriate data.
Request:
Method:
PUT
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d { "cloud_type":"AZURE", "display_name": "Account XYZ" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account XYZ", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns information about a particular Azure account

Returns information about an Azure account including status and
statistics
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Delete Azure account information

Deletes Azure account information from cloud service manager Request:
Method:
DELETE
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns the status of Azure account

Return status of the account like credentials validity, inventory
synchronization status and inventory synchronization state
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts/<account-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccountStatus+

Example Response: { "inventory_sync_status": "SYNCED", "credentials_status": "VALID", "inventory_sync_step": "NOT_APPLICABLE" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Synchronizes Azure account inventory

Synchronizes Azure account related inventory like Regions, Virtual Networks,
Instances. Status of inventory synchronization can be known from Azure
account status api
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/accounts/<account-id>?action=sync_inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d?action=sync_inventory Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Azure Gateways

Associated URIs:

Returns configuration information for all Azure gateways

Returns a list of Azure gateways with information about each gateway like
subnet configuration and corresponding virtual network. Optional query
parameters can be utilized to filter the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways
Request Headers:
n/a
Query Parameters:
AzureGatewaysListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewaysListResult+

Example Response: { "results": [ { "configuration": { "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd" }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Returns configuration of the Azure gateway

Returns configuration for primary gateway and secondary gateway for the
virtual network, if deployed gateways exist for the specified virtual
network.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd" }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Updates Azure gateway configuration

Updates configuration for primary gateway and secondary gateway for the
virutal network, if deployed gateways exist for the specified virtual network.
Request:
Method:
PUT
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayDeployConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7 { "account_id": "28984eef-d296-4a40-979e", "vnet_id": "e8e719ff-6a40-48e2-8cf7", "configuration": { "default_quarantine_policy_enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Return the status of Azure gateway

Returns status information for primary gateway and secondary gateway
for the virtual network, if deployed gateways exist for the specified
virtual network ID.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayStatus+

Example Response: { "gateway_cluster_id": "7fe9e2fd-2dce-478f-84b4", "gateway_instances_status": [ { "gateway_tn_id": "1c95f5ea-1eec-11e8-9342", "deployment_step": "DEPLOYMENT_SUCCESSFUL", "public_ip": "1.2.3.4", "gateway_node_id": "1c95f5ea-1eec-11e8-9342", "gateway_status": "UP", "gateway_instance_id": "a61b6dea-46a4-4c09-9ada", "private_ip": "4.3.2.1", "gateway_ha_index": 0, "is_gateway_active": false, "gateway_name": "nsx-gw-customer-gateway" } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Deploys gateway for the specified virtual network

All the required configuration to deploy Azure gateways will be absorbed
as a part of request body in this API and gateway deployment will be
triggered. Deployment progress can be known from GetAzureGatewayStatus API.
Upon successful deployment of a gateway, the deployment_step will be
DEPLOYMENT_SUCCESSFUL and gateway_status will be UP. If any error is
encountered during deployment, corresponding error_code and error_message
will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways?action=deploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayDeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/gateways?action=deploy { "account_id": "04e2a29a-90f9-4ce0-ae69", "vnet_id": "e8e719ff-6a40-48e2-8cf7", "configuration": { "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "default_quarantine_policy_enabled": true, "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": true, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "gateway_ha_configuration": [ { "uplink_subnet": "uplink1", "management_subnet": "Mgmt", "downlink_subnet": "vtep1", "gateway_ha_index": 0, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "1.2.3.4" } }, { "uplink_subnet": "uplink2", "management_subnet": "Mgmt", "downlink_subnet": "vtep2", "gateway_ha_index": 1, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "4.3.2.1" } } ], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "default_quarantine_policy_enabled": true, "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": true, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "gateway_ha_configuration": [ { "uplink_subnet": "uplink1", "management_subnet": "Mgmt", "downlink_subnet": "vtep1", "gateway_ha_index": 0, "public_ip_settings": { "public_ip": "1.2.3.4" } }, { "uplink_subnet": "uplink2", "management_subnet": "Mgmt", "downlink_subnet": "vtep2", "gateway_ha_index": 1, "public_ip_settings": { "public_ip": "4.3.2.1" } } ], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Undeploys gateway for the specified virtual network

All the required configuration to undeploy Azure gateway will be absorbed
as a part of request body in this API and gateway undeployment will be
triggered. Undeployment progress can be known from GetAzureGatewayStatus
API. Upon successful undeployment of a gateway, the deployment_step will be
UNDEPLOYMENT_SUCCESSFUL and gateway_status will be NOT_AVAILABLE. If any
error is encountered during undeployment, corresponding error_code and
error_message will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways?action=undeploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayUndeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/gateways?action=undeploy { "account_id": "28984eef-d296-4a40-979e" "instance_id": "a61b6dea-46a4-4c09-9ada" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Azure Regions

Associated URIs:

Returns a list of Azure regions

Returns a list of Azure regions with information about each region like
gateway statistics, instance statistics and vnet statistics. Optional query
parameters can be utilized to filter the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/regions
Request Headers:
n/a
Query Parameters:
AzureRegionsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/regions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureRegionsListResult+

Example Response: { "cursor": "000002", "sort_ascending": true, "result_count": 2, "results": [ { "resource_type": "AzureRegion", "id": "westus", "display_name": "westus", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "vnet_stats": { "managed": 1, "unmanaged": 10 }, "gateway_stats": { "deploying": 0, "up": 1, "down": 0 }, "instance_stats": { "total": 17, "managed": 0, "unmanaged": 8, "error": 0, "powered_off": 9 }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" }, { "resource_type": "AzureRegion", "id": "eastus2", "display_name": "eastus2", "associated_account_ids": [], "vnet_stats": { "managed": 0, "unmanaged": 0 }, "gateway_stats": { "deploying": 0, "up": 0, "down": 0 }, "instance_stats": { "total": 0, "managed": 0, "unmanaged": 0, "error": 0, "powered_off": 0 }, "_protection": "NOT_PROTECTED" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about a particular Azure region

Returns information about Azure region like gateway statistics, instance
statistics and vnet statistics.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/regions/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/regions/westus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureRegion+

Example Response: { "resource_type": "AzureRegion", "id": "westus", "display_name": "westus", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "vnet_stats": { "managed": 1, "unmanaged": 10 }, "gateway_stats": { "deploying": 0, "up": 1, "down": 0 }, "instance_stats": { "total": 17, "managed": 0, "unmanaged": 8, "error": 0, "powered_off": 9 }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Resources

Associated URIs:

Returns a list of Azure public IPs

Returns a list of Azure public IPs. These ip addresses are available
to be allocated.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/public-ips
Request Headers:
n/a
Query Parameters:
AzurePublicIpListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/public-ips? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=westus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzurePublicIpListResult+

Example Response: { "results": [ "104.209.46.64", "104.40.87.204", "40.112.184.178", "13.91.55.98" ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of Azure Storage Accounts

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/storage-accounts
Request Headers:
n/a
Query Parameters:
AzureStorageAccountsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/storage-accounts? account_id=7324800c-a41a-4cb4-b988®ion_id=westus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureStorageAccountList+

Example Response: { "results": [ { "name": "storage-account-1" }, { "name": "storage-account-2" }, { "name": "storage-account-3" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of Azure subnets

Returns a list Azure subnets with information about each subnet like ID,
virtual network ID and address space
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/subnets
Request Headers:
n/a
Query Parameters:
AzureSubnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/subnets? account_id=7324800c-a41a-4cb4-b988®ion_id=westus&vnet_id=3054a504-4c09-4df7-8420 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureSubnetListResult+

Example Response: { "results": [ { "display_name": "vtep1", "address_space": "172.20.10.0/24", "vnet_id": "3054a504-4c09-4df7-8420", "id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-3-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-3/subnets/vtep1" }, { "display_name": "vtep2", "address_space": "172.20.11.0/24", "vnet_id": "3054a504-4c09-4df7-8420", "id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-3-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-3/subnets/vtep2" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Vnets

Associated URIs:

Returns a list of Azure virtual networks

Returns a list of Azure virtual networks with information about each
virtual network like IPv4 CIDR, gateway information and transport zones.
Optional query parameters can be utilized to filter the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/vnets
Request Headers:
n/a
Query Parameters:
AzureVnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/vnets Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureVnetListResult+

Example Response: { "cursor": "000002", "sort_ascending": true, "result_count": 2, "results": [ { "resource_type": "AzureVnet", "id": "3054a504-4c09-4df7-8420", "display_name": "NSX-Vnet-1", "cidr_blocks": [ "10.59.1.224/28", "172.20.10.0/24", "172.20.11.0/24", "172.20.12.0/24", "172.20.13.0/24", "172.20.14.0/24" ], "resource_group": "NSX-Vnet-1-RG", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "region_id": "westus", "resource_id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-1-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-1", "instance_stats": { "total": 6, "managed": 0, "unmanaged": 5, "error": 0, "powered_off": 1 }, "op_status": "NSX_UNMANAGED", "gateway_info": { "gateway_status": { "gateway_cluster_id": "" } }, "is_management_vnet": false, "_protection": "NOT_PROTECTED" }, { "resource_type": "AzureVnet", "id": "e8e719ff-6a40-48e2-8cf7", "display_name": "NSX-Int-Vnet-Ind-3", "cidr_blocks": [ "10.59.4.112/28", "172.18.35.0/24", "172.18.36.0/24", "172.18.37.0/24", "172.18.38.0/24", "172.18.39.0/24" ], "resource_group": "NSX-Vnet-2-RG", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "transport_zones": [ { "is_underlay_transport_zone": false, "logical_switches": [ { "is_default_logical_switch": false, "instances_count": 0, "nsx_switch_tag": "a2aad0f1-a48a-474b-8423-41767f538ee0#/E=", "logical_switch_display_name": "DefaultSwitch-Overlay-NSX-Vnet-2", "logical_switch_id": "ls54321" } ], "transport_zone_id": "tz54321", "transport_zone_display_name": "NSX-Vnet-2-Overlay" }, { "is_underlay_transport_zone": true, "logical_switches": [ { "is_default_logical_switch": true, "instances_count": 0, "nsx_switch_tag": "default", "logical_switch_display_name": "DefaultSwitch-VLAN-NSX-Vnet-2", "logical_switch_id": "ls12345" } ], "transport_zone_id": "tz12345", "transport_zone_display_name": "NSX-Vnet-2-VLAN" } ], "region_id": "westus", "resource_id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-2-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-2", "instance_stats": { "total": 6, "managed": 0, "unmanaged": 6, "error": 0, "powered_off": 0 }, "op_status": "NSX_MANAGED", "gateway_info": { "configuration": { "default_quarantine_policy_enabled": false, "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "abcxyzabcxyz", "image_id": "https://abcxyz.windows.net/public-cloud-gateway2/nsx-public-gateway.vhd" }, "gateway_status": { "gateway_cluster_id": "abc123", "gateway_instances_status": [ { "gateway_tn_id": "abcde12345", "deployment_step": "DEPLOYMENT_SUCCESSFUL", "public_ip": "1.2.3.4", "gateway_node_id": "12345abcde", "gateway_status": "UP", "gateway_instance_id": "abcde12345", "private_ip": "4.3.2.1", "gateway_ha_index": 0, "is_gateway_active": false, "gateway_name": "nsx-gw-test" } ] } }, "is_management_vnet": false, "_protection": "NOT_PROTECTED" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about a particular Azure virtual network

Returns information about Azure region like virtual network like IPv4 CIDR,
gateway information and transport zones.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/vnets/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/vnets/41e9e760-1c60-4b35-89c2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureVnet+

Example Response: { "resource_type": "AzureVnet", "id": "41e9e760-1c60-4b35-89c2", "display_name": "NSX-Vnet-1", "cidr_blocks": [ "10.59.4.80/28", "172.18.25.0/24", "172.18.26.0/24", "172.18.27.0/24", "172.18.28.0/24", "172.18.29.0/24" ], "resource_group": "NSX-Vnet-1-RG", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "region_id": "westus", "resource_id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-1-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-1", "instance_stats": { "total": 1, "managed": 0, "unmanaged": 1, "error": 0, "powered_off": 0 }, "op_status": "NSX_UNMANAGED", "gateway_info": { "gateway_status": { "gateway_cluster_id": "" } }, "is_management_vnet": false, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Cloud Service Manager

Associated URIs:

Return Csm status information

Request:
Method:
GET
URI Path:
/api/v1/csm/csmstatus
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/csmstatus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CsmStatus+

Example Response: { "id": "a180989d-48fa-4624-af84-d3c7f120d383", "display_name": "CSM Instance", "ip_address": "192.168.122.1", "version": "1.0", "managed_by_vmware": true, "supported_clouds": [ { "cloud_type": "aws" } ] } Required Permissions: read Feature: csm_node_config Additional Errors:

Cloud Service Manager: Nsx Manager Accounts

Associated URIs:

Returns a list of NSX Manager accounts

Request:
Method:
GET
URI Path:
/api/v1/csm/nsx-manager-accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/nsx-manager-accounts Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccountsListResult+

Example Response: { "results": [ { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "public_ip": "34.208.244.2", "tenant_id": "345", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin" } ] } Required Permissions: read Feature: nsx_integration Additional Errors:

Create a NSX Manager account

Request:
Method:
POST
URI Path:
/api/v1/csm/nsx-manager-accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NsxManagerAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/nsx-manager-accounts { "tenant_id": "345", "public_ip": "34.208.244.2", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin", "password": "12423dsgfe3" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccount+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "tenant_id": "345", "public_ip": "34.208.244.2", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin" } Required Permissions: crud Feature: nsx_integration Additional Errors:

Returns the particular NSX Manager account information

Request:
Method:
GET
URI Path:
/api/v1/csm/nsx-manager-accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/nsx-manager-accounts/a491bc83-5fc8-4e05-adb1-af8274422141 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccount+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "public_ip": "34.208.244.2", "tenant_id": "345", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin" } Required Permissions: read Feature: nsx_integration Additional Errors:

Delete a NSX Manager account

Request:
Method:
DELETE
URI Path:
/api/v1/csm/nsx-manager-accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/nsx-manager-accounts/a491bc83-5fc8-4e05-adb1-af8274422141 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nsx_integration Additional Errors:

Update a NSX Manager account

Request:
Method:
PUT
URI Path:
/api/v1/csm/nsx-manager-accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NsxManagerAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/nsx-manager-accounts/a491bc83-5fc8-4e05-adb1-af8274422141 { "public_ip": "52.1.1.12", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin", "password": "12423dsgfe3" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccount+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "tenant_id": "123", "public_ip": "52.1.1.12", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "New Name" } Required Permissions: crud Feature: nsx_integration Additional Errors:

Cloud Service Manager: Virtual Machines

Associated URIs:

Returns the list of all virtual machines created or imported under a particular account id. Supports optional query parameters like region id, vpc id, public_ip, is_gateway.

Request:
Method:
GET
URI Path:
/api/v1/csm/virtual-machines
Request Headers:
n/a
Query Parameters:
CloudVirtualMachinesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/virtual-machines Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CloudVirtualMachinesListResult+

Example Response: { "cursor": "0003348", "sort_ascending": true, "result_count": 348, "results": [ { "description": "t2.micro", "id": "i-027c0b32cbe631ec9", "display_name": "vm-2", "is_gateway": false, "private_ip": "13.14.41.253", "cloud_tags": [], "os_type": "AMAZON_LINUX", "agent_status": "NO_AGENT", "os_details": "", "availability_zone": "us-west-2c", "vpc": "vpc-f4ddaf93" }, { "description": "c4.xlarge", "id": "i-0b62834659a30fc21", "display_name": "nsx-gw-vpc-c35dbaa4-preferred-active", "public_ip": "52.89.33.233", "is_gateway": true, "private_ip": "10.0.1.97", "is_gateway_active": true, "cloud_tags": [], "gateway_status": "UP", "os_type": "UBUNTU", "os_details": "LTS 14.04", "availability_zone": "us-west-2a", "vpc": "vpc-c35dbaa4" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about the particular virtual machine

Request:
Method:
GET
URI Path:
/api/v1/csm/virtual-machines/<virtual-machine-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/virtual-machines/i-027c0b32cbe631ec9 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVirtualMachine+
AzureVirtualMachine+
CloudVirtualMachine+

Example Response: { "description": "t2.micro", "id": "i-027c0b32cbe631ec9", "display_name": "vm-2", "is_gateway": false, "private_ip": "13.14.41.253", "cloud_tags": [], "os_type": "AMAZON_LINUX", "agent_status": "NO_AGENT", "os_details": "", "availability_zone": "us-west-2c", "vpc": "vpc-f4ddaf93" } Required Permissions: read Feature: cloud_resources Additional Errors:

Error Resolver

Associated URIs:

Fetches a list of metadata for all the registered error resolvers

Returns a list of metadata for all the error resolvers registered.
Request:
Method:
GET
URI Path:
/csmapi/api/v1/error-resolver
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/error-resolver Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ErrorResolverInfoList+

Example Response: { "results": [ { "user_metadata": { "user_input_list": [ { "property_value": "1000", "property_name": "connectTimeout", "data_type": "NUMBER" } ] }, "error_id": 1002, "resolver_present": true }, { "user_metadata": {}, "error_id": 1001, "resolver_present": true } ] } Required Permissions: read Additional Errors:

Fetches metadata about the given error_id

Returns some metadata about the given error_id. This includes
information of whether there is a resolver present for the
given error_id and its associated user input data
Request:
Method:
GET
URI Path:
/csmapi/api/v1/error-resolver/<error_id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/error-resolver/1002 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ErrorResolverInfo+

Example Response: { "user_metadata": { "user_input_list": [ { "property_value": "1000", "property_name": "connectTimeout", "data_type": "NUMBER" } ] }, "error_id": 1002, "resolver_present": true } Required Permissions: read Additional Errors:

Resolves the error

Invokes the corresponding error resolver for the
given error(s) present in the payload
Request:
Method:
POST
URI Path:
/csmapi/api/v1/error-resolver?action=resolve_error
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ErrorResolverMetadataList+

Example Request: POST https://<nsx-mgr>/api/v1/error-resolver?action=resolve_error { "errors": [ { "user_metadata": { "user_input_list": [ { "property_value": "default", "property_name": "password", "data_type": "PASSWORD" }, { } ] }, "error_id": 1001, "entity_id": "a123-b234-c355-d3333" } ] } Successful Response:
Response Code:
204 No Content
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Additional Errors:

Licensing

Associated URIs:

Accept end user license agreement

Accept end user license agreement
Request:
Method:
POST
URI Path:
/csmapi/api/v1/eula/accept
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: execute Feature: system_eula Additional Errors:

Return the acceptance status of end user license agreement

Return the acceptance status of end user license agreement
Request:
Method:
GET
URI Path:
/csmapi/api/v1/eula/acceptance
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/eula/acceptance Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAAcceptance+

Example Response: { "acceptance": false } Required Permissions: read Feature: system_eula Additional Errors:

Return the content of end user license agreement

Return the content of end user license agreement in the specified format.
By default, it's pure string without line break
Request:
Method:
GET
URI Path:
/csmapi/api/v1/eula/content
Request Headers:
n/a
Query Parameters:
EULAOutputFormatRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/eula/content?format=html Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAContent+

Example Response: { "content": "End User License Agreement
" }
Required Permissions: read Feature: system_eula Additional Errors:

Deprecated. Assign an Updated Enterprise License Key (Deprecated)

Deprecated. Use the POST /licenses API instead
Request:
Method:
PUT
URI Path:
/csmapi/api/v1/license
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
License+

Example Request: PUT https://<nsx-mgr>/api/v1/license { "license_key": "00000-00000-00000-00000-00000" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "CPU", "is_expired": false, "quantity": 4, "is_eval": false, "description": "NSX for vSphere - Standard", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" } Required Permissions: crud Feature: system_configuration_license Additional Errors:

Deprecated. Return the Enterprise License (Deprecated)

Deprecated. Use the GET /licenses API instead.
Request:
Method:
GET
URI Path:
/csmapi/api/v1/license
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/license Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "VM", "is_expired": false, "quantity": 5, "is_eval": false, "description": "NSX for vSphere - Enterprise", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" } Required Permissions: read Feature: system_configuration_license Additional Errors:

Get all licenses

Returns all licenses.
Request:
Method:
GET
URI Path:
/csmapi/api/v1/licenses
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LicensesListResult+

Example Response: { "result_count": 2, "results": [ { "capacity_type": "VM", "is_expired": false, "quantity": 5, "is_eval": false, "description": "NSX for vSphere - Enterprise", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" }, { "capacity_type": "CPU", "is_expired": false, "quantity": 4, "is_eval": false, "description": "NSX for vSphere - Standard", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" } ] } Required Permissions: read Feature: system_configuration_license Additional Errors:

Add a new license key

This will add a license key to the system.
The API supports adding only one license key for each license edition
type - Standard, Advanced or Enterprise. If a new license key is tried
to add for an edition for which the license key already exists,
then this API will return an error.
Request:
Method:
POST
URI Path:
/csmapi/api/v1/licenses
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
License+

Example Request: POST https://<nsx-mgr>/api/v1/licenses { "license_key": "11111-22222-33333-44444-55555" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "VM" "quantity": 1, "is_eval": false, "description" : "NSX for vSphere - Standard" "expiry": 1458688231359, "license_key": "11111-22222-33333-44444-55555" } Required Permissions: crud Feature: system_configuration_license Additional Errors:

Deprecated. Get license properties for license identified by the license-key (Deprecated)

Deprecated. Use GET /licenses API instead. Request:
Method:
GET
URI Path:
/csmapi/api/v1/licenses/<license-key>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses/11111-22222-33333-44444-55555 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "VM", "is_expired": false, "quantity": 5, "is_eval": false, "description": "NSX for vSphere - Enterprise", "expiry": 0, "license_key": "11111-22222-33333-44444-55555" } Required Permissions: read Feature: system_configuration_license Additional Errors:

Deprecated. Remove a license identified by the license-key (Deprecated)

Deprecated. Use POST /licenses?action=delete API instead.
Request:
Method:
DELETE
URI Path:
/csmapi/api/v1/licenses/<license-key>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/licenses/11111-22222-33333-44444-55555 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_configuration_license Additional Errors:

Get usage report of all registered modules

Returns usage report of all registered modules
Request:
Method:
GET
URI Path:
/csmapi/api/v1/licenses/licenses-usage
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses/licenses-usage Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureUsageList+

Example Response: { "feature_usage_info": [{ "capacity_usage": [{ "capacity_type": "VM", "usage_count": 10 }, { "capacity_type": "CPU", "usage_count": 10 }], "feature": "VxLAN" }, { "capacity_usage": [{ "capacity_type": "VM", "usage_count": 10 }, { "capacity_type": "CPU", "usage_count": 10 }], "feature": "DFW" }] } Required Permissions: read Feature: system_configuration_license Additional Errors:

Get usage report of all registred modules in CSV format

Returns usage report of all registered modules in CSV format
Request:
Method:
GET
URI Path:
/csmapi/api/v1/licenses/licenses-usage?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses/licenses-usage?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
FeatureUsageListInCsvFormat+

Example Response: feature,vm_usage_count,cpu_usage_count DFW,10,8 VXLAN,10,10 Required Permissions: read Feature: system_configuration_license Additional Errors:

Remove a license

This will delete the license key identified in the request body
by "license_key" and its properties from the system.
Attempting to delete the last license key will result in an error.
Request:
Method:
POST
URI Path:
/csmapi/api/v1/licenses?action=delete
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
License+

Example Request: POST https://<nsx-mgr>/api/v1/licenses?action=delete { "license_key": "11111-22222-33333-44444-55555" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_configuration_license Additional Errors:

Accept end user license agreement

Accept end user license agreement
Request:
Method:
POST
URI Path:
/api/v1/upgrade/eula/accept
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: execute Feature: system_eula Additional Errors:

Return the acceptance status of end user license agreement

Return the acceptance status of end user license agreement
Request:
Method:
GET
URI Path:
/api/v1/upgrade/eula/acceptance
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/eula/acceptance Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAAcceptance+

Example Response: { "acceptance": false } Required Permissions: read Feature: system_eula Additional Errors:

Return the content of end user license agreement

Return the content of end user license agreement in the specified format.
By default, it's pure string without line break
Request:
Method:
GET
URI Path:
/api/v1/upgrade/eula/content
Request Headers:
n/a
Query Parameters:
EULAOutputFormatRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/eula/content?format=html Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAContent+

Example Response: { "content": "End User License Agreement
" }
Required Permissions: read Feature: system_eula Additional Errors:

Nsx Component Administration

Nsx Component Administration: Appliance

Associated URIs:

NodeMode

Returns current Node Mode.
Request:
Method:
GET
URI Path:
/api/v1/node/mode
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/mode Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeMode+

Example Response: { "mode_id": "VMC" } Required Permissions: read Feature: system_administration Additional Errors:

Nsx Component Administration: Appliance Management

Associated URIs:

Collect audit logs from registered manager nodes

This API is executed on a manager node to display audit logs from all nodes
inside the management plane cluster. An audit log collection will be
triggered if the local master audit log is outdated.
Request:
Method:
POST
URI Path:
/api/v1/administration/audit-logs
Request Headers:
n/a
Query Parameters:
AuditLogQueryParameters+
Request Body:
AuditLogRequest+

Example Request: POST https://<nsx-mgr>/api/v1/administration/audit-logs?page_size=1 { "log_age_limit": 1, "log_filter": "", "log_filter_type": "TEXT" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuditLogListResult+

Example Response: { "last_full_sync_timestamp": "2017-12-13T19:23:57.042633Z", "cursor": 1457, "result_count": 1, "results": [ { "appname": "NSX", "facility": 22, "full_log": "<182>1 2017-12-11T19:51:39.819Z junjiex-nsxmanager-sb-12479759-1-test7 NSX - SYSTEM [nsx@6876 audit=\"true\" comp=\"nsx-manager\" subcomp=\"manager\"] UserName:'admin@10.2.106.238', ModuleName:'ACCESS_CONTROL', Operation:'LOGIN', Operation status:'success'", "hostname": "junjiex-nsxmanager-sb-12479759-1-test7", "message": "UserName:'admin@10.2.106.238', ModuleName:'ACCESS_CONTROL', Operation:'LOGIN', Operation status:'success'", "msgid": "SYSTEM", "priority": 6, "procid": "-", "struct_data": { "audit": "true", "comp": "nsx-manager", "subcomp": "manager" }, "timestamp": "2017-12-11T19:51:39.819Z", "version": "1" } ] } Required Permissions: read Feature: system_log Additional Errors:

Collect support bundles from registered cluster and fabric nodes

Collect support bundles from registered cluster and fabric nodes. Request:
Method:
POST
URI Path:
/api/v1/administration/support-bundles?action=collect
Request Headers:
n/a
Query Parameters:
SupportBundleQueryParameter+
Request Body:
SupportBundleRequest+

Example Request: POST https://<nsx-mgr>/api/v1/administration/support-bundles?action=collect { "nodes": ["d7c33930-964c-42ca-851f-0d15c3c25fe2"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SupportBundleResult+

Example Response: Headers Content-Disposition: attachment;filename=nsx_support_archive_20170818_002715.tar Content-Type: application/octet-stream Date: Thu, 18 Aug 2017 00:28:07 GMT Server: NSX Manager Transfer-Encoding: chunked Vmw-Task-Id: 420bbcef-fbde-66b2-8c28-f15bd2b7bc3c_791c820f-6e84-47c7-aa87-b40be387a684 Required Permissions: read Feature: system_support_bundle Additional Errors:

Invoke POST request on target cluster node

Request:
Method:
POST
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke PUT request on target cluster node

Request:
Method:
PUT
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke DELETE request on target cluster node

Request:
Method:
DELETE
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke GET request on target cluster node

Request:
Method:
GET
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke GET request on target fabric node

Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke POST request on target fabric node

Request:
Method:
POST
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke DELETE request on target fabric node

Request:
Method:
DELETE
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke PUT request on target fabric node

Request:
Method:
PUT
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Collect alarms from all NSX nodes (Experimental)

This API is executed on a manager node to return current alarms from all NSX nodes.
Request:
Method:
GET
URI Path:
/api/v1/hpm/alarms
Request Headers:
n/a
Query Parameters:
AlarmQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/alarms Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AlarmListResult+

Example Response: { "cursor": 0, "result_count": 2, "results": [ { "id": "vmwNSXRoutingBgpNeighborStatus_80956404", "message": "BGP neighbor 00005000-0000-0003-0000-000000000002 with IP 40.40.40.10 status changed to down.", "severity": 3, "source_comp_id": "73fc267f9a7-11e7-a6dd-02004b9e97c4", "source_comp": "nsx-edge", "source_subcomp": "dcsms.msr", "sources": { "id": "00005000-0000-0003-0000-000000000002", "ip_address": "40.40.40.10" }, "state": 1, "timestamp": 1517533690 }, { "id": "vmwNSXPlatformSysDiskUsage_13571574", "message": "Disk usage for varlog partition is 90% for more than 10 minutes", "severity": 3, "source_comp_id": "420af0be-a4e0-caa8-5105-8627fd754a3f", "source_comp": "nsx-manager", "source_subcomp": "node_monitor", "sources": { "mount": "varlog" }, "state": 1, "timestamp": 1517940120 } ] } Required Permissions: read Feature: system_log Additional Errors:

Read node properties

Returns information about the NSX Manager appliance. Information includes
release number, time zone, system time, kernel version, message of the day
(motd), and host name.
Request:
Method:
GET
URI Path:
/api/v1/node
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProperties+

Example Response: { "cli_timeout": 600, "export_type": "UNRESTRICTED", "hostname": "VMware_NSX_Manager", "kernel_version": "3.14.17-nn1-server", "motd": "", "node_version": "1.0.0.0.0.3063398", "system_time": 1442277320585, "timezone": "Etc/UTC" } Required Permissions: read Feature: system_administration Additional Errors:

Update node properties

Modifies NSX Manager appliance properties. Modifiable properties include the
timezone, message of the day (motd), and hostname. The NSX Manager
node_version, system_time, and kernel_version are read only and cannot be
modified with this method.
Request:
Method:
PUT
URI Path:
/api/v1/node
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node { "motd":"Welcome to the NSX Manager" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProperties+

Example Response: { "cli_timeout": 600, "hostname": "VMware_NSX_Manager", "kernel_version": "3.14.17-nn1-server", "motd": "Welcome to the NSX Manager", "node_version": "1.0.0.0.0.3063398", "system_time": 1442277530217, "timezone": "Etc/UTC" } Required Permissions: crud Feature: system_administration Additional Errors:

Read AAA provider vIDM properties

Request:
Method:
GET
URI Path:
/api/v1/node/aaa/providers/vidm
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/aaa/providers/vidm Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeAuthProviderVidmProperties+

Example Response: { "vidm_enable": true, "host_name": "jt-vidm.eng.vmware.com", "thumbprint": "898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8", "client_id": "OAuth2Client_NsxClientId", "node_host_name": "jt-nsx.eng.vmware.com" } Required Permissions: read Feature: users_configuration Additional Errors:

Update AAA provider vIDM properties

Request:
Method:
PUT
URI Path:
/api/v1/node/aaa/providers/vidm
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeAuthProviderVidmProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/aaa/providers/vidm { "vidm_enable": true, "host_name": "jt-vidm.eng.vmware.com", "thumbprint": "898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8", "client_id": "OAuth2Client_NsxClientId", "client_secret": "OAuth2Client_NsxClientSecret", "node_host_name": "jt-nsx.eng.vmware.com" } Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
NodeAuthProviderVidmProperties+

Example Response: { "vidm_enable": true, "host_name": "jt-vidm.eng.vmware.com", "thumbprint": "898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8", "client_id": "OAuth2Client_NsxClientId", "node_host_name": "jt-nsx.eng.vmware.com" } Required Permissions: crud Feature: users_configuration Additional Errors:

Read AAA provider vIDM status

Request:
Method:
GET
URI Path:
/api/v1/node/aaa/providers/vidm/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/aaa/providers/vidm/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeAuthProviderVidmStatus+

Example Response: { "vidm_enable": true, "runtime_state": "ALL_OK" } Required Permissions: read Feature: users_configuration Additional Errors:

List node files

Request:
Method:
GET
URI Path:
/api/v1/node/file-store
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/file-store Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FilePropertiesListResult+

Example Response: { "_schema": "FilePropertiesListResult", "_self": "/node/file-store", "result_count": 2, "results": [ { "_schema": "FileProperties", "_self": "/node/file-store/test1.txt", "created_epoch_ms": 1457048893748, "modified_epoch_ms": 1457048860639, "name": "test1.txt", "size": 71 }, { "_schema": "FileProperties", "_self": "/node/file-store/test.txt", "created_epoch_ms": 1457048848624, "modified_epoch_ms": 1457048560936, "name": "test.txt", "size": 50 } ] } Required Permissions: read Feature: system_administration Additional Errors:

Read file properties

Request:
Method:
GET
URI Path:
/api/v1/node/file-store/<file-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/file-store/test1.txt Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FileProperties+

Example Response: { "_schema": "FileProperties", "_self": "/node/file-store/test1.txt", "created_epoch_ms": 1457049714901, "modified_epoch_ms": 1457048860639, "name": "test1.txt", "size": 71 } Required Permissions: read Feature: system_administration Additional Errors:

Delete file

Request:
Method:
DELETE
URI Path:
/api/v1/node/file-store/<file-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Upload a file to the file store

When you issue this API, the client must specify:
- HTTP header Content-Type:application/octet-stream.
- Request body with the contents of the file in the filestore.
In the CLI, you can view the filestore with the get files command.
Request:
Method:
POST
URI Path:
/api/v1/node/file-store/<file-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/file-store/test.txt This is a sentence that is added to the file test.txt. Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FileProperties+

Example Response: { "_schema": "FileProperties", "_self": "/node/file-store/test.txt", "created_epoch_m