Overview
agent
auditctx
cloudaccount
- GETGet a cloud account by name
- DELDelete an cloud account by name
- PATCHPerform a Patch on a cloud account by name
- GETGet all cloud accounts
- POSTCreate a cloud account
- POSTGet all cloud accounts based on a query
- GETGet the access report for a cloud account by name
- GETGet available permissions for a cloud account resource type
domain
group
gvc
identity
- GETGet an identity by GVC and name
- DELDelete an identity by GVC and name
- PATCHPerform a Patch on an identity by name
- GETGet all identities in a GVC
- POSTCreate an identity
- GETGet all identities from all GVCs
- POSTGet all GVC identities based on a query
- GETGet the access report for an identity by GVC and name
- GETGet available permissions for an identity
image
location
org
policy
quota
secret
- GETGet a secret by name
- DELDelete a secret by name
- PATCHPerform a Patch on a secret by name
- GETGet all secrets
- POSTCreate a secret
- GETGet the sensitive content of a secret by name
- POSTGet all secrets based on a query
- GETGet the access report for a secret by name
- GETGet available permissions for a secret resource type
serviceaccount
- GETGet a service account by name
- DELDelete a service account by name
- PATCHPerform a Patch on a service account by name
- GETGet all service accounts
- POSTCreate a service account
- POSTGet all service accounts based on a query
- GETGet the access report for a service account by name
- POSTAdd a key to a service account
- GETGet available permissions for a service account resource type
task
user
volumeset
- GETGet a volumeset by GVC and name
- DELDelete a volumeset by name
- PATCHPerform a Patch on a volumeset by name
- GETList volumesets in a GVC you are authorized to view
- POSTCreate a volumeset
- GETGet all volumesets
- POSTGet all volumesets based on a query
- GETGet the access report for a volumeset by GVC and name
- GETGet available permissions for a volumeset resource type
workload
- GETGet a workload by GVC and name
- DELDelete a workload by name
- PATCHPerform a Patch on a workload by name
- GETGet a deployment by GVC, workload and name
- GETList workloads in a GVC you are authorized to view
- POSTCreate a workload
- GETGet all workloads
- GETList deployments in a workload
- POSTGet all workloads based on a query
- GETGet the access report for a workload by GVC and name
- GETGet available permissions for a workload resource type
Perform a Patch on a workload by name
Service account key can be used as API keys
The identityLink is used as the access scope for 3rd party cloud resources. A single identity can provide access to multiple cloud providers.
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The external firewall is used to control access to and from the public internet.
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
A list of specific workloads which are allowed to access this workload internally.
The internal firewall is used to control access between workloads.
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
A list of specific workloads which are allowed to access this workload internally.
Optional control of inbound and outbound access to the workload for external (public) and internal (service to service) traffic. Access is restricted by default.
The external firewall is used to control access to and from the public internet.
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The internal firewall is used to control access between workloads.
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
A list of specific workloads which are allowed to access this workload internally.
Set defaultOptions for the workload in all Control Plane Locations.
A standard cron schedule expression used to determine when your job should execute.
Either 'Forbid' or 'Replace'. This determines what Control Plane will do when the schedule requires a job to start, while a prior instance of the job is still running.
The maximum number of completed job instances to display. This should be an integer between 1 and 10.
Either 'OnFailure' or 'Never'. This determines what Control Plane will do when a job instance fails.
The maximum number of seconds Control Plane will wait for the job to complete. If a job does not succeed or fail in the allotted time, Control Plane will stop the job, moving it into the Removed status.
A standard cron schedule expression used to determine when your job should execute.
Either 'Forbid' or 'Replace'. This determines what Control Plane will do when the schedule requires a job to start, while a prior instance of the job is still running.
The maximum number of completed job instances to display. This should be an integer between 1 and 10.
Either 'OnFailure' or 'Never'. This determines what Control Plane will do when a job instance fails.
The maximum number of seconds Control Plane will wait for the job to complete. If a job does not succeed or fail in the allotted time, Control Plane will stop the job, moving it into the Removed status.
If this is enabled, Control Plane will automatically redeploy your workload when one of the container images is updated in the container registry.
The group id assigned to any mounted volume
The group id assigned to any mounted volume
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
direct load balancers are created in each location that a workload is running in and are configured for the standard endpoints of the workload. Customers are responsible for configuring the workload with certificates if TLS is required
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
direct load balancers are created in each location that a workload is running in and are configured for the standard endpoints of the workload. Customers are responsible for configuring the workload with certificates if TLS is required
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
The identityLink is used as the access scope for 3rd party cloud resources. A single identity can provide access to multiple cloud providers.
Optional control of inbound and outbound access to the workload for external (public) and internal (service to service) traffic. Access is restricted by default.
The external firewall is used to control access to and from the public internet.
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The internal firewall is used to control access between workloads.
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
A list of specific workloads which are allowed to access this workload internally.
Set defaultOptions for the workload in all Control Plane Locations.
A standard cron schedule expression used to determine when your job should execute.
Either 'Forbid' or 'Replace'. This determines what Control Plane will do when the schedule requires a job to start, while a prior instance of the job is still running.
The maximum number of completed job instances to display. This should be an integer between 1 and 10.
Either 'OnFailure' or 'Never'. This determines what Control Plane will do when a job instance fails.
The maximum number of seconds Control Plane will wait for the job to complete. If a job does not succeed or fail in the allotted time, Control Plane will stop the job, moving it into the Removed status.
If this is enabled, Control Plane will automatically redeploy your workload when one of the container images is updated in the container registry.
The group id assigned to any mounted volume
direct load balancers are created in each location that a workload is running in and are configured for the standard endpoints of the workload. Customers are responsible for configuring the workload with certificates if TLS is required
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
Authorizations
Service account key can be used as API keys
Path Parameters
Body
description
, tags
, gvc
, spec