{"type":"model","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/9d37d008417d562ab46d4b67547a68457ce288d2/28c42199-71bc-32ee-998e-c19bc5c8456e","info":{"title":"Cisco Secure Access Private Resources and Resource Groups API","description":"Manage the Private Resources and Resource Groups in the organization.","version":"1.0.0","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Resource Groups","description":"The Secure Access Private Resource Groups"},{"name":"Private Resources","description":"The Secure Access Private Resources"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/policies/private-resources-overview.md","uri":"secure-access-api-reference-private-resources-overview"}},"openapi":"3.0.1","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"policies/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"tokenUrl":"https://api.sse.cisco.com/auth/v2/token","scopes":{"policies.privateresourcegroups:read":"Read the Private Resource Groups resources","policies.privateresourcegroups:write":"Write the Private Resource Groups resources","policies.privateresources:read":"Read the Private Resources resources","policies.privateresources:write":"Write the Private Resources resources"}}}}}},"spec":{"type":"object","description":"List all private Resources in the organization. If you set query filters on your request,\nyou can get a subset of the Private Resources in the collection.","properties":{"items":{"type":"array","items":{"type":"object","description":"Get the Private Resource.","properties":{"resourceId":{"type":"integer","description":"The ID of the Private Resource.","readOnly":true,"example":183456},"name":{"type":"string","description":"The name of the Private Resource that is unique across all resources in the organization.\nThe Resource name must not have any special characters other than spaces and hyphens.","maxLength":50,"pattern":"^[a-zA-Z0-9- ]+$","example":"Jira","$$ref":"#/components/schemas/privateResourceName"},"description":{"type":"string","description":"The description of the Private Resource.","maxLength":255,"example":"Jira App For My Org","$$ref":"#/components/schemas/descriptionPrivateResource"},"dnsServerId":{"type":"integer","description":"The unique identifier of the DNS server you use to resolve IP addresses.","example":98765,"$$ref":"#/components/schemas/dnsServerId"},"certificateId":{"type":"integer","description":"The ID of the certificate you use to decrypt traffic to the Private Resource.","example":456,"$$ref":"#/components/schemas/certificateId"},"accessTypes":{"type":"array","description":"The list of connection properties that describe how end users can access private resources in the organization.\nBrowser-based access requires that all resource addresses use the HTTP or HTTPS protocols.\nBranch access is always enabled for a private resource.","items":{"anyOf":[{"type":"object","description":"The connection type is the branch network.\nThe branch connection type is always enabled for all private resources.","properties":{"type":{"type":"string","description":"The type of the connection is branch.","enum":["branch"],"example":"branch"}},"example":{"type":"branch"},"$$ref":"#/components/schemas/branchAccess"},{"type":"object","description":"The properties of the browser-based response.","properties":{"type":{"type":"string","description":"The type of the connection is a browser.","enum":["browser"],"example":"browser"},"protocol":{"type":"string","description":"The protocol for the communication between the proxy and the Private Resource.\nOnly applicable for browser-based Zero Trust Network Access.","enum":["HTTPS","HTTP"],"example":"HTTPS","$$ref":"#/components/schemas/protocolProxyToResource"},"sni":{"type":"string","description":"The Server Name Indication (SNI) domain name.\nOnly applicable for browser-based Zero Trust Access and when you select the HTTPS protocol.\nThe SNI must be a valid domain.","example":"","$$ref":"#/components/schemas/sni"},"sslVerificationEnabled":{"type":"boolean","description":"Specify whether to enable upstream SSL verification for the internally hosted URL by the customer.\nApplicable for browser-based Zero Trust Access only and when you select the HTTPS protocol.","default":true,"example":true,"$$ref":"#/components/schemas/sslVerificationEnabled"},"externalFQDN":{"type":"string","maxLength":50,"description":"The external fully qualified domain name (FQDN)."}},"required":["type","protocol"],"example":{"type":"browser","protocol":"HTTPS"},"$$ref":"#/components/schemas/browserBasedAccessResponse"},{"type":"object","description":"The connection to private resources is defined for the Cisco Secure Client.","properties":{"type":{"type":"string","description":"The type of the connection is Cisco Secure Client.","enum":["client"],"example":"client"},"reachableAddresses":{"type":"array","description":"The list of IP address, CIDRs, FQDN, or wildcard FQDN destinations.\nIPv6 is not supported. Only applies to resources you configure for client-based Zero Trust Access.","items":{"type":"string","description":"An IP or CIDR address, FQDN, or wildcard FQDN destination.","example":"172.6.0.0/32"},"example":["172.6.0.0/32"],"$$ref":"#/components/schemas/reachableAddresses"}},"required":["type","reachableAddresses"],"example":{"type":"client","reachableAddresses":["jira.com"]},"$$ref":"#/components/schemas/clientBasedAccess"},{"type":"object","description":"The connection to private resources that is defined for a network.","properties":{"type":{"type":"string","description":"The type of the connection is network.","enum":["network"],"example":"network"}},"required":["type"],"example":{"type":"network"},"$$ref":"#/components/schemas/networkBasedAccess"}]},"example":[{"type":"branch"},{"type":"browser","externalFQDNPrefix":"jira","protocol":"HTTPS","sni":"xyz123.jira.com","sslVerificationEnabled":true},{"type":"client","reachableAddresses":["192.168.0.1","example.com"]},{"type":"network"}],"$$ref":"#/components/schemas/accessTypes"},"resourceAddresses":{"type":"array","description":"The list of resource addresses for the Private Resources.","items":{"type":"object","description":"The destinations, protocols, and ports of the Private Resource's address.","required":["destinationAddr","protocolPorts"],"properties":{"destinationAddr":{"type":"array","description":"The list of IP address, CIDRs, FQDN, or wildcard FQDN destinations. IPv6 is not supported.","items":{"type":"string"},"example":["172.6.0.0/32"]},"protocolPorts":{"type":"array","description":"The list of protocols and ports for the IP address destinations. The protocols must be unique.","items":{"type":"object","description":"The protocol and port properties for the Private Resource's address.","properties":{"protocol":{"type":"string","description":"The protocol you use to connect the user with the Private Resource.\nThe system only allows the TCP protocol is allowed for browser-based Zero Trust Access.","enum":["Any","TCP","UDP","HTTP/HTTPS"],"example":"Any","$$ref":"#/components/schemas/protocolClientToResource"},"ports":{"type":"string","description":"The port number or list of comma-separated port numbers that you can use to connect to the Private Resource.\nA port number must be within the range of `1-65535`.","example":"80,8080","$$ref":"#/components/schemas/ports"}}},"example":[{"protocol":"TCP","ports":"80,9000"}]}}},"example":[{"destinationAddr":["172.6.0.0/32","255.100.100.0/24","mydomain.com"],"protocolPorts":[{"protocol":"TCP","ports":"80,82"},{"protocol":"UDP","ports":"53"}]},{"destinationAddr":["example.com"],"protocolPorts":[{"protocol":"HTTP/HTTPS","ports":"80"}]}],"$$ref":"#/components/schemas/resourceAddresses"},"resourceGroupIds":{"type":"array","items":{"type":"integer","example":1,"description":"The ID of the Private Resource Group."},"description":"The list of IDs for the Private Resource Groups that include the Private Resource.","example":[1,19],"$$ref":"#/components/schemas/resourceGroupIds"},"createdAt":{"type":"string","format":"date-time","readOnly":true,"example":"2021-12-13T16:07:07.222Z","description":"Record the date and time when you create the private resource."},"modifiedAt":{"type":"string","format":"date-time","readOnly":true,"example":"2021-12-13T16:07:07.222Z","description":"Record the date and time when you update the private resource."},"createdBy":{"type":"string","description":"The ID of the user who creates the private resource.","example":"123456"},"modifiedBy":{"type":"string","description":"The ID of the user who last modifies the private resource.","example":"987654"}},"example":{"resourceId":183456,"name":"The private resource name","description":"The description of the private resource","dnsServerId":123455,"certificateId":123985,"accessTypes":[{"type":"branch"},{"type":"browser","externalFQDN":"https://jira-5001.ztna.ciscoplus.com","protocol":"HTTPS","sni":"xyz123.jira.com","sslVerificationEnabled":true},{"type":"network"},{"type":"client","reachableAddresses":["192.168.0.1","example.com"]}],"resourceAddresses":[{"destinationAddr":["example.com","172.6.0.0/32"],"protocolPorts":[{"protocol":"HTTP/HTTPS","ports":"80"}]}],"resourceGroupIds":[234234234,1242134324],"createdAt":"2021-12-13T16:07:07.222Z","modifiedAt":"2021-12-13T16:07:07.222Z","createdBy":"123456","modifiedBy":"987654"},"$$ref":"#/components/schemas/privateResourceResponse"},"example":[{"resourceId":183456,"name":"The private resource name","description":"The description of the private resource","dnsServerId":123455,"certificateId":123985,"accessTypes":[{"type":"branch"},{"type":"browser","externalFQDN":"https://jira-5001.ztna.ciscoplus.com","protocol":"HTTPS","sni":"xyz123.jira.com","sslVerificationEnabled":true},{"type":"network"},{"type":"client","reachableAddresses":["192.168.0.1","example.com"]}],"resourceAddresses":[{"destinationAddr":["example.com","172.6.0.0/32"],"protocolPorts":[{"protocol":"HTTP/HTTPS","ports":"80"}]}],"resourceGroupIds":[234234234,1242134324],"createdAt":"2021-12-13T16:07:07.222Z","modifiedAt":"2021-12-13T16:07:07.222Z","createdBy":"123456","modifiedBy":"987654"}]},"offset":{"type":"integer","description":"The index where the server starts to read the collection.","example":0},"limit":{"type":"integer","description":"The number of items returned on a page in the response.","example":100},"total":{"type":"integer","description":"The total count of the Private Resources read in the collection.","example":100}},"example":{"items":[{"resourceId":183456,"name":"The private resource name","description":"The description of the private resource","dnsServerId":123455,"certificateId":123985,"accessTypes":[{"type":"branch"},{"type":"browser","externalFQDN":"https://jira-5001.ztna.ciscoplus.com","protocol":"HTTPS","sni":"xyz123.jira.com","sslVerificationEnabled":true},{"type":"network"},{"type":"client","reachableAddresses":["192.168.0.1","example.com"]}],"resourceAddresses":[{"destinationAddr":["example.com","172.6.0.0/32"],"protocolPorts":[{"protocol":"HTTP/HTTPS","ports":"80"}]}],"resourceGroupIds":[234234234,1242134324],"createdAt":"2021-12-13T16:07:07.222Z","modifiedAt":"2021-12-13T16:07:07.222Z","createdBy":"123456","modifiedBy":"987654"}],"offset":1,"limit":100,"total":200},"$$ref":"#/components/schemas/privateResourceList","title":"privateResourceList"}}