Replace Network Connector.

PUT

/api/config/namespaces/{metadata.namespace}/network_connectors/{metadata.name}

curl --request PUT \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/config/namespaces/example/network_connectors/example \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "metadata": { "annotations": {}, "description": "example", "disable": true, "labels": {}, "name": "example", "namespace": "example" }, "spec": { "disable_forward_proxy": {}, "enable_forward_proxy": { "connection_timeout": 1, "max_connect_attempts": 1, "no_interception": {}, "tls_intercept": { "custom_certificate": { "certificate_url": "example", "custom_hash_algorithms": { "hash_algorithms": [ "INVALID_HASH_ALGORITHM" ] }, "description": "example", "disable_ocsp_stapling": {}, "private_key": { "blindfold_secret_info": { "decryption_provider": "example", "location": "example", "store_provider": "example" }, "clear_secret_info": { "provider": "example", "url": "https://example.com" } }, "use_system_defaults": {} }, "enable_for_all_domains": {}, "policy": { "interception_rules": [ { "disable_interception": {}, "domain_match": { "exact_value": "example", "regex_value": "example", "suffix_value": "example" }, "enable_interception": {} } ] }, "trusted_ca_url": "example", "volterra_certificate": {}, "volterra_trusted_ca": {} }, "white_listed_ports": [ 1 ], "white_listed_prefixes": [ "example" ] }, "sli_to_global_dr": { "global_vn": { "name": "example", "namespace": "example" } }, "sli_to_slo_snat": { "default_gw_snat": {}, "interface_ip": {} }, "slo_to_global_dr": { "global_vn": { "name": "example", "namespace": "example" } } } }'

• F5 Distributed Cloud Console

Replace Network Connector will replace the contains of given object.

Examples of this operation.

Authorizations

• ApiToken

Parameters

Path Parameters

metadata.namespace

required

string

Namespace This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""

metadata.name

required

string

Name The configuration object to be replaced will be looked up by name.

Request Body^required

Media typeapplication/json

ReplaceRequest is used to replace contents of a network_connector

This is the input message of the ‘Replace’ RPC.

object

metadata

object

annotations

annotations

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.

object

description

description

Human readable description for the object.

string

>= 21 characters <= 1200 characters

disable

disable

A value of true will administratively disable the object.

boolean format: boolean

labels

labels

Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the user. Values specified here will be used by selector expression.

object

name

name

This is the name of configuration object. It has to be unique within the namespace. It can only be specified during create API and cannot be changed during replace API. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 6 characters <= 1024 characters

namespace

namespace

This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""

string

>= 6 characters <= 1024 characters

spec

object

disable_forward_proxy

object

enable_forward_proxy

object

connection_timeout

connection_timeout

The timeout for new network connections to upstream server. This is specified in milliseconds. The default value is 2000 (2 seconds)

integer format: int64

max_connect_attempts

max_connect_attempts

Specifies the allowed number of retries on connect failure to upstream server. Defaults to 1.

integer format: int64

no_interception

object

tls_intercept

object

custom_certificate

object

certificate_url

certificate_url

TLS certificate. Certificate or certificate chain in PEM format including the PEM headers. Required: YES.

string

>= 1 characters <= 131072 characters

custom_hash_algorithms

object

hash_algorithms

Hash Algorithms

Ordered list of hash algorithms to be used.

Required: YES.

Array<string>

>= 1 items <= 4 items

Allowed values: INVALID_HASH_ALGORITHM SHA256 SHA1

description

description

Description for the certificate.

string

>= 21 characters <= 1024 characters

disable_ocsp_stapling

object

private_key

object

blindfold_secret_info

object

decryption_provider

Decryption Provider

Name of the Secret Management Access object that contains information about the backend Secret Management service.

string

<= 1024 characters

location

Location

Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location Required: YES.

string

>= 4 characters <= 1024 characters

store_provider

Store Provider

Name of the Secret Management Access object that contains information about the store to GET encrypted bytes This field needs to be provided only if the URL scheme is not string:///.

string

<= 1024 characters

clear_secret_info

object

provider

Provider

Name of the Secret Management Access object that contains information about the store to GET encrypted bytes This field needs to be provided only if the URL scheme is not string:///.

string

>= 3 characters <= 1024 characters

url

URL

URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will GET Secret bytes after Base64 decoding. Required: YES.

string format: uri

<= 131072 characters

use_system_defaults

object

enable_for_all_domains

object

policy

object

interception_rules

Interception Rules

List of ordered rules to enable or disable for TLS interception

Required: YES.

Array<object>

>= 1 items <= 32 items

TlsInterceptionRule

Rule to enable or disable TLS interception based on domain match.

object

disable_interception

object

domain_match

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

enable_interception

object

trusted_ca_url

Custom Root CA Certificate

Exclusive with [volterra_trusted_ca] Custom Root CA Certificate for validating upstream server certificate.

string

<= 131072 characters

volterra_certificate

object

volterra_trusted_ca

object

white_listed_ports

Port list

Traffic to these destination TCP ports is not subjected to protocol parsing Example “tmate” server port.

Array<integer>

<= 64 items

white_listed_prefixes

IP prefix list

Traffic to these destination IP prefixes is not subjected to protocol parsing Example “tmate” server IP.

Array<string>

<= 64 items

sli_to_global_dr

object

global_vn

object

name

name

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name. Required: YES.

string

>= 1 characters <= 128 characters

namespace

namespace

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.

string

>= 6 characters <= 64 characters

tenant

tenant

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.

string

>= 6 characters <= 64 characters

sli_to_slo_snat

object

default_gw_snat

object

interface_ip

object

slo_to_global_dr

object

global_vn

object

name

name

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name. Required: YES.

string

>= 1 characters <= 128 characters

namespace

namespace

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.

string

>= 6 characters <= 64 characters

tenant

tenant

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.

string

>= 6 characters <= 64 characters

Responses

200

A successful response.

Media typeapplication/json

object

Example^generated

{}

401

Returned when operation is not authorized.

Media typeapplication/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

Media typeapplication/json

string format: string

Example^generated

example

404

Returned when resource is not found.

Media typeapplication/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

Media typeapplication/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

Media typeapplication/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

Media typeapplication/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

Media typeapplication/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

Media typeapplication/json

string format: string

Example^generated

example