Update Network Tunnel Group - Cloud Security API

{"type":"api","title":"Update Network Tunnel Group","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/9d37d008417d562ab46d4b67547a68457ce288d2/b608b63c-8f99-3c50-a490-501c84f4f333","info":{"title":"Cisco Secure Access Network Tunnel Groups and Regions API","description":"Manage the Secure Access Network Tunnel Groups.","version":"1.0.0","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Network Tunnel Groups","description":"Network Tunnel Groups API endpoints"},{"name":"Network Tunnel Groups Regions","description":"Network Tunnel Groups Regions API endpoints"},{"name":"Network Tunnel Groups State","description":"Network Tunnel Groups State API endpoints"},{"name":"Network Tunnel Groups Peer State","description":"Network Tunnel Groups Peer State API endpoints"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/deployments/network-tunnel-groups-overview.md","uri":"secure-access-api-reference-network-tunnel-groups-overview"}},"openapi":"3.0.3","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"deployments/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"client credential flow","flows":{"clientCredentials":{"tokenUrl":"https://api.sse.cisco.com/auth/v2/token","scopes":{"deployments.networktunnelgroups:read":"Read network tunnel groups deployments","deployments.networktunnelgroups:write":"Write network tunnel groups deployments","deployments.regions:read":"Read regions for network tunnel groups deployments"}}}}}},"spec":{"tags":["Network Tunnel Groups","Secure Access"],"summary":"Update Network Tunnel Group","description":"Update a Network Tunnel Group in the organization.","operationId":"patchNetworkTunnelGroup","security":[{"oauthFlow":["deployments.networktunnelgroups:write"]}],"parameters":[{"in":"path","name":"id","description":"The ID of the Network Tunnel Group.","required":true,"schema":{"type":"integer"},"example":123455,"$$ref":"#/components/parameters/id"}],"requestBody":{"required":true,"description":"Update the properties of the Network Tunnel Group.","content":{"application/json":{"schema":{"type":"array","description":"The Network Tunnel Group patch request payload object.\nIf there are duplicate operations for the same path, only the last operation is applied.","items":{"type":"object","description":"The properties of the Network Tunnel Group.","properties":{"op":{"type":"string","enum":["replace"],"description":"The operation that needs to be done. The only available operation is `replace`.","example":"replace"},"path":{"type":"string","description":"The path of the property that needs to be updated.\nAvailable paths are `/name`, `/authIdPrefix`, `/passphrase`, `/region`, and `/routing`.","example":"/name"},"value":{"oneOf":[{"type":"string","description":"The new value for the property.","example":"Tunnel Name - Updated"},{"type":"object","description":"The routing information for the network tunnel.\nThe `nat` routing type is used when the tunnels in your organization connect to network spaces with overlapping IP address spaces.\n\nIf the routing type is `nat`, then set the `data` field to null or an empty string.\nIf the routing type is `bgp`, then set the `data` field with the `asNumber` field.\nIf the routing type is `static`, then set the `data` field with the `networkCIDRs` field.","required":["type","data"],"properties":{"type":{"type":"string","description":"The type of the route.","enum":["static","bgp","nat"]},"data":{"description":"The list of network CIDR addresses or the autonomous system (AS) number.","oneOf":[{"type":"object","description":"The list of network CIDRs.","required":["networkCIDRs"],"properties":{"networkCIDRs":{"type":"array","description":"The public and private address ranges that are used internally by your organization.","items":{"type":"string","example":"123.111.222.25/24"},"example":["123.111.222.25/24"],"$$ref":"#/components/schemas/networkCIDRS"}},"example":{"networkCIDRs":["123.111.222.25/24","111.222.39.1/32"]},"$$ref":"#/components/schemas/staticDataRequestObj"},{"type":"object","description":"The autonomous system (AS) number for the private access tunnels.","required":["asNumber"],"properties":{"asNumber":{"type":"string","description":"The border gateway protocol (BGP) autonomous system (AS) number for private access network tunnels.\nOnly required for the `bgp` routing type. Any other routing types except `bgp` are ignored.\nSpecify an integer between 0–65536.","example":"5432","$$ref":"#/components/schemas/asNumber"},"bgpHopCount":{"type":"integer","description":"Indicates how many network hops a packet can traverse before being discarded by a router. It can only\nbe an integer from 1 to 64 and if it is defined, then at least of BGP neighbor CIDR must be provided.","example":10,"$$ref":"#/components/schemas/bgpHopCount"},"bgpNeighborCIDRs":{"type":"array","description":"The list of CIDR netmasks to limit the customer peers that can talk to the headend BGP.\nThe system allows a maximum of 20 CIDRs.","example":["10.0.0.0/8","95.24.45.50/32"],"items":{"type":"string","example":"10.0.0.0/8"},"$$ref":"#/components/schemas/bgpNeighborCIDRs"},"bgpServerSubnets":{"type":"array","description":"The list of BGP server custom IP address ranges applicable only when the device type is `Azure S2S VPN`.\nThe two ranges must be unique and have the `/32` mask.","example":["169.254.0.1/32","169.254.0.1/32"],"items":{"type":"string","example":"169.254.0.1/32"},"$$ref":"#/components/schemas/bgpServerSubnets"}},"example":{"asNumber":"5432"},"$$ref":"#/components/schemas/bgpDataRequestObj"},{"type":"string"}],"example":{"networkCIDRs":["123.111.222.25/24","111.222.39.1/32"]}}},"example":{"type":"bgp","data":{"asNumber":"5432"}},"$$ref":"#/components/schemas/routingRequest"}]}},"required":["op","path","value"]},"example":[{"op":"replace","path":"/name","value":"Tunnel Name - Updated"},{"op":"replace","path":"/authIdPrefix","value":"brooklynbranchtunnels"},{"op":"replace","path":"/passphrase","value":"n3wTunn3lNow1234567890"},{"op":"replace","path":"/region","value":"us-west-2"},{"op":"replace","path":"/routing","value":{"type":"bgp","data":{"asNumber":"1234"}}}]}}},"$$ref":"#/components/requestBodies/networkTunnelGroupPatchRequest"},"responses":{"200":{"description":"OK","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"The properties of the Network Tunnel Group in the organization.","properties":{"id":{"type":"integer","description":"The ID of the Network Tunnel Group.","readOnly":true,"example":456123789,"$$ref":"#/components/schemas/id"},"name":{"type":"string","description":"The name of the Network Tunnel Group.\nA Network Tunnel Group name is a sequence of 1–50 characters. The `name` field cannot have any special characters other than spaces and hyphens.","example":"New York Branch Tunnels","$$ref":"#/components/schemas/name"},"organizationId":{"type":"integer","description":"The ID of the organization.","readOnly":true,"example":123556,"$$ref":"#/components/schemas/organizationId"},"deviceType":{"type":"string","description":"The type of device that establishes the network tunnel. The default value is `other`.","enum":["ASA","AWS S2S VPN","AZURE S2S VPN","FTD","ISR","Meraki MX","Viptela cEdge","Viptela vEdge","other"],"example":"ASA","$$ref":"#/components/schemas/deviceType"},"region":{"type":"string","description":"The name of the region that the system uses to obtain the primary and secondary data centers for the Hubs.","example":"us-east-1","$$ref":"#/components/schemas/region"},"status":{"type":"string","enum":["connected","disconnected","warning"],"description":"The status of the Network Tunnel Group.","example":"connected","$$ref":"#/components/schemas/status"},"hubs":{"type":"array","description":"The list of Hubs for a Network Tunnel Group.\nOnly one Hub is the primary data center.","items":{"type":"object","description":"The properties of the Hub.","properties":{"id":{"type":"integer","readOnly":true,"description":"The ID of the Hub.","example":987654321,"$$ref":"#/components/schemas/hubId"},"isPrimary":{"type":"boolean","description":"Specifies whether the Hub is a primary data center.","readOnly":true,"example":true,"$$ref":"#/components/schemas/isPrimary"},"datacenter":{"type":"object","properties":{"name":{"type":"string","description":"The name of the data center for the Hub.","readOnly":true,"example":"dc-1-0-0"},"ip":{"type":"string","description":"The IP address of the data center for the Hub.","readOnly":true,"example":"54.145.27.13"}},"$$ref":"#/components/schemas/datacenterWithIP"},"authId":{"type":"string","readOnly":true,"description":"An IP address or email used to authenticate the tunnel.","example":"newyorkbranchtunnels123@123456-987654321.sse.cisco.com","$$ref":"#/components/schemas/authId"},"status":{"type":"object","description":"The properties of a Hub for the Network Tunnel Group.","required":["time","status"],"properties":{"time":{"type":"string","readOnly":true,"format":"date-time","description":"The date and time (UTC time, with milliseconds) when the state event record was generated.","example":"2023-06-30T16:07:07.222Z"},"status":{"type":"string","readOnly":true,"description":"The high-level status of the Hub:\n* UP - The hub is active.\n* DOWN - The hub is inactive.\n","enum":["UP","DOWN"],"example":"UP"}},"example":{"time":"2023-06-30T16:07:07.222Z","status":"UP"},"$$ref":"#/components/schemas/hubState"},"tunnelsCount":{"type":"integer","description":"The number of tunnels in the hub.","readOnly":true,"example":5,"$$ref":"#/components/schemas/tunnelsCount"}}},"$$ref":"#/components/schemas/hubsWithIP"},"routing":{"type":"object","required":["type","data"],"description":"The routing information for the network tunnel.\n\nIf the routing type is `nat`, then the `data` field is empty.\nIf the routing type is `bgp`, then `data` includes the `asNumber` field.\nIf the routing type is `static`, then `data` includes the `networkCIDRs` field.","properties":{"type":{"type":"string","description":"The type of the route.","enum":["static","bgp","nat"]},"data":{"description":"The list of network CIDR addresses or the autonomous system (AS) number.","oneOf":[{"type":"object","description":"The list of network CIDRs.","required":["networkCIDRs"],"properties":{"networkCIDRs":{"type":"array","description":"The public and private address ranges that are used internally by your organization.","items":{"type":"string","example":"123.111.222.25/24"},"example":["123.111.222.25/24"],"$$ref":"#/components/schemas/networkCIDRS"}},"example":{"networkCIDRs":["123.111.222.25/24","111.222.39.1/32"]},"$$ref":"#/components/schemas/staticDataResponseObj"},{"type":"object","required":["asNumber"],"description":"The autonomous system (AS) number for the private access tunnels.","properties":{"asNumber":{"type":"string","description":"The border gateway protocol (BGP) autonomous system (AS) number for private access network tunnels.\nOnly required for the `bgp` routing type. Any other routing types except `bgp` are ignored.\nSpecify an integer between 0–65536.","example":"5432","$$ref":"#/components/schemas/asNumber"},"bgpHopCount":{"type":"integer","description":"Indicates how many network hops a packet can traverse before being discarded by a router. It can only\nbe an integer from 1 to 64 and if it is defined, then at least of BGP neighbor CIDR must be provided.","example":10,"$$ref":"#/components/schemas/bgpHopCount"},"bgpNeighborCIDRs":{"type":"array","description":"The list of CIDR netmasks to limit the customer peers that can talk to the headend BGP.\nThe system allows a maximum of 20 CIDRs.","example":["10.0.0.0/8","95.24.45.50/32"],"items":{"type":"string","example":"10.0.0.0/8"},"$$ref":"#/components/schemas/bgpNeighborCIDRs"},"bgpServerSubnets":{"type":"array","description":"The list of BGP server custom IP address ranges applicable only when the device type is `Azure S2S VPN`.\nThe two ranges must be unique and have the `/32` mask.","example":["169.254.0.1/32","169.254.0.1/32"],"items":{"type":"string","example":"169.254.0.1/32"},"$$ref":"#/components/schemas/bgpServerSubnets"}},"example":{"asNumber":"5432"},"$$ref":"#/components/schemas/bgpDataResponseObj"},{"type":"string"}],"example":{"networkCIDRs":["123.111.222.25/24","111.222.39.1/32"]}}},"example":{"type":"bgp","data":{"asNumber":"5432"}},"$$ref":"#/components/schemas/routingResponse"},"createdAt":{"type":"string","format":"date-time","readOnly":true,"description":"The date and time (timestamp) when the network tunnel group was created.","example":"2024-06-12T18:04:23Z","$$ref":"#/components/schemas/createdAt"},"modifiedAt":{"type":"string","format":"date-time","readOnly":true,"description":"The date and time of the last update (timestamp) for the network tunnel group.","example":"2024-06-25T15:21:32Z","$$ref":"#/components/schemas/modifiedAt"}},"example":{"id":4561237892,"name":"New York Branch Tunnels","organizationId":123456,"deviceType":"ASA","region":"us-east-1","status":"connected","hubs":[{"id":987654321,"isPrimary":true,"datacenter":{"name":"us-east-1","ip":"54.145.27.13"},"authId":"newyorkbranchtunnels123@123456-987654321.sse.cisco.com","status":{"status":"UP","time":"2025-02-05T17:53:05Z"},"tunnelsCount":5},{"id":147852369,"isPrimary":false,"datacenter":{"name":"us-central-1","ip":"25.132.42.15"},"authId":"newyorkbranchtunnels123@123456-147852369.sse.cisco.com","status":{"status":"UP","time":"2025-02-05T17:53:05Z"},"tunnelsCount":5}],"routing":{"type":"static","data":{"networkCIDRs":["123.111.222.25/24","111.222.39.1/32"]}},"createdAt":"2024-06-12T18:04:23Z","modifiedAt":"2024-06-25T15:21:32Z"},"$$ref":"#/components/schemas/networkTunnelGroupResponse"},"example":{"id":4561237892,"name":"New York Branch Tunnels","organizationId":123456,"deviceType":"ASA","region":"us-east-1","status":"connected","hubs":[{"id":987654321,"isPrimary":true,"datacenter":{"name":"us-east-1","ip":"54.145.27.13"},"authId":"newyorkbranchtunnels123@123456-987654321.sse.cisco.com","status":{"status":"UP","time":"2025-02-05T17:53:05Z"},"tunnelsCount":5},{"id":147852369,"isPrimary":false,"datacenter":{"name":"us-central-1","ip":"25.132.42.15"},"authId":"newyorkbranchtunnels123@123456-147852369.sse.cisco.com","status":{"status":"UP","time":"2025-02-05T17:53:05Z"},"tunnelsCount":5}],"routing":{"type":"static","data":{"networkCIDRs":["123.111.222.25/24","111.222.39.1/32"]}},"createdAt":"2024-06-12T18:04:23Z","modifiedAt":"2024-06-25T15:21:32Z"}}}},"400":{"description":"Bad Request","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"oneOf":[{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Validation Error"},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"},"validationErrors":{"type":"object","properties":{"name":{"type":"string","description":"Indicates the problem with the tunnel name.","example":"Attribute value is blank."},"region":{"type":"string","description":"Indicates the problem with the region.","example":"Attribute value does not exist."},"deviceType":{"type":"string","description":"Indicates the problem with the device type.","example":"Attribute value is invalid."},"authId":{"type":"string","description":"Indicates the problem with the tunnel auth ID.","example":"Attribute value is invalid."},"passphrase":{"type":"string","description":"Indicates the problem with the passphrase.","example":"Attribute value is invalid."},"routing":{"type":"string","description":"Indicates the problem with the routing.","example":"Attribute value is invalid."}}}}},{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Invalid request body."},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}}}],"$$ref":"#/components/schemas/400ValidationError"}}},"$$ref":"#/components/responses/400ValidationError"},"401":{"description":"Unauthorized","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Authorization token is invalid."},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}},"$$ref":"#/components/schemas/401Error"}}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Access Forbidden"},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}},"$$ref":"#/components/schemas/403Error"}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Not Found"},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}},"$$ref":"#/components/schemas/404Error"}}},"$$ref":"#/components/responses/404Error"},"409":{"description":"Duplicate network tunnel group name.","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Conflict–Network tunnel group name must be unique."},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}},"$$ref":"#/components/schemas/409Error"}}}},"500":{"description":"Internal Server Error","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Internal Server Error"},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}},"$$ref":"#/components/schemas/500Error"}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"patchNetworkTunnelGroup","method":"patch","path":"/networktunnelgroups/{id}"}}