SCALAR
ID
The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.
link GraphQL Schema definition
- scalar ID
link Require by
- ActionDefinitionnull
- ActionRequestnull
- AriaNotificationTargetDescribes a notification target for Aria
- AriaNotificationTargetTypeDescribes a notification target type for Aria
- AriaNotificationUpsertTargetInputnull
- ArtifactAssessmentAn analysis done on an artifact is an assessment. An assessment is an operational data that captures user/project visibility information. Domain specific implementation may add to this as appropriate.
- ArtifactAssessmentRecommendationAn assessment may lead to one or more recommendations contributing to other tanzu hub products upsell.
- ArtifactMetadataArtifactMetadata is a container for additional information about an artifact. An artifact represents the files/images used to deploy a runnable resource whether that be an application, container or VM, not the actual running resource. As of now we support ArtifactSBOMInfo as metadata. Domain specific implementation may add more metadata as appropriate
- ArtifactMetadataVersionRepresents version of an artifact metadata. Each version of metadata may have different SBOM (Or any other future metadata) information.
- ArtifactSBOMRepresents a software bundle or unit. This is a hierarchical structure where one package may have other packages as dependencies.
- ArtifactVulnerabilityRepresents a software vulnerability that can potentially be exploited
- ArtifactVulnerabilityEntityDetailsDetails of how a vulnerability affects an Entity
- ArtifactVulnerabilityEntityRelationshipRelationship between a ArtifactVulnerability and Entities
- AuditEventType defining common audit event schema for a mutation
- AuthContextnull
- AuthPermissionnull
- AuthRolenull
- AuthRoleBindingnull
- AuthScopenull
- BuildRunA build run resource represents a single request to build an application
- BuildRunStepA build run log represents a single step in the build process
- BuildRunStepInputnull
- BuildRunUpdateInputnull
- CatalogA catalog resource represents a collection of software artifacts
- CatalogItemnull
- ConversationalEventStreamnull
- ConversationalPromptnull
- ConversationalSessionnull
- ConversationalStreamEventThe payload depends on stream's payloadType and can represent for instance graphQL query, graphQL query response, graphql response summary etc
- Dashboardnull
- DashboardBulkDeleteInputnull
- DashboardDefaultnull
- DashboardDeleteFailureResult of dashboard delete operation
- DashboardFilterInput filter parameters for filtering dashboards. If multiple filter objects are specified they are treated as an and.
- DashboardInputnull
- DashboardMutationnull
- Document Federation via Document Query
- DocumentMutationnull
- DocumentQuerynull
- EntityPrimary Entity type in the graph, implementing the individual EntityNode interface and with additional fields permitting traversals to other entities in the entity topology and to access other graph nodes with information related to the entity.
- EntityChangeLogEntrynull
- EntityNodeBare Entity type, implementing the individual EntityNode interface, but without the ability to traverse to other Entities or other graph nodes containing information about the Entity. This type may be used in situations such as notifications where it is not possible to navigate the graph from the Entity information.
- EntityNodeInterface ==================== File contents from entity.graphqls
- EntityRelationshipA typed relationship between two Entity instances
- EntityRelationshipNodenull
- EntityRelationshipNodeInterfacenull
- EntitySchema ==================== File contents from entity_schema.graphqls
- EventGroupRecordnull
- EventRecordnull
- EventsNotificationRulenull
- ExceptionGroupRecordnull
- ExceptionRecordnull
- FindingDescribes a Finding
- FindingApproveSuppressionInputnull
- FindingChangeSuppressionInputnull
- FindingDeleteInputnull
- FindingMutationDefines Mutations related to the Findings Sub-System
- FindingNotificationRulenull
- FindingNotificationRuleMutationProvidernull
- FindingNotificationTargetDescribes a Notification Target
- FindingNotificationTargetsMutationProvidernull
- FindingNotificationTargetTypeDescribes a Finding Target Type method
- FindingPatchNotificationRuleInputnull
- FindingPatchNotificationTargetInputnull
- FindingPatchReportConfigurationInputnull
- FindingPatchReportInputnull
- FindingPatchSuppressionInputnull
- FindingReportReport metadata.
- FindingReportConfigurationReport Configuration.
- FindingResubmitSuppressionInputnull
- FindingSuppressionDescribe a finding suppression
- FindingSuppressionTemplateDescribe a finding suppression template
- FindingUpdateNotificationRuleInputnull
- FindingUpdateNotificationTargetInputnull
- FindingUpdateReportConfigurationInputnull
- FindingUpdateSuppressionInputnull
- FindingUpdateSuppressionTemplateInputnull
- FinOpsAssetAsset interface
- FinOpsAwsAccountDetails of an AWS Account. For m1b milestone we will have this type "FinOpsAwsAccount" untill TanzuHub AWS accounts are synced to Hub. Once accounts are synced to Hub, this will be replaced with ManagementEndpoint
- FinOpsAzureSubscriptionDetails of an Azure Subscription. We will have this type "FinOpsAzureSubscription" until Cost Azure accounts are synced to Hub. Once accounts are synced to Hub, this will be replaced with ManagementEndpoint
- FinOpsAzureVmInstanceAzure VM instance type implementation
- FinOpsCloudCostSmartSummaryEventA Cloud Cost Smart Summary event object
- FinOpsCostAnomalyCost anomaly metadata.
- FinOpsCostAnomalyFeedbackUser feedback for the anomaly.
- FinOpsCostAnomalyQueriesnull
- FinOpsDatasetSchemanull
- FinOpsDatasetSummarynull
- FinOpsEBSVolumeEBSVolume Asset implementation
- FinOpsEC2InstanceEC2Instance Asset implementation
- FinOpsPerspectiveFilterInputnull
- FinOpsRDSInstanceRDSInstance Asset implementation
- FinOpsReportnull
- FinOpsReportMutationnull
- FinOpsRightsizingRecommendationDetails of Rightsizing recommendation
- FinOpsRightsizingRecommendationRequestInputThe rightsizing request which specifies the parameters for executing the request
- FinOpsRightsizingSummaryInputThe rightsizing summary request which specifies the parameters for executing the request
- FinOpsSaveCostAnomalyFeedbackInputfeedback input metadata.
- FinOpsSpendBasedDiscountOpportunitynull
- FinOpsUsageBasedDiscountOpportunitynull
- GuardrailsAccountStateGuardrails representation for an account state. All top level fields like name, description, accountStateType, accountStateProvider will be removed in future and will be coming from ManagementEndpoint. JIRA for the same VRAE-35809.
- GuardrailsDesiredStateIt is a combination of a guardrail template with required input parameters as well as the credentials metadata required to create infrastructure and enforce policies on the same. Guardrails DesiredState can be run on-demand, or on a pre-defined schedule, or in response to an event
- GuardrailsDesiredStateRunGuardrailsDesiredStateRun - It is a point-in-time instance of guardrails desired state run.
- GuardrailsDesiredStateRunResponseencapsulation of one or more runs resulting from a desired state being run
- GuardrailsEnforcedStateRepresents state that is enforced
- GuardrailsMutationsnull
- GuardrailsQueriesnull
- GuardrailsRemediationActionAction is a definition of which remediation Job is run when certain criteria are met
- GuardrailsRemediationActionDeleteResultnull
- GuardrailsRemediationCriteriaCriterion defines a single condition a finding should met to trigger a remediation Job
- GuardrailsRemediationRuleGuardrails Remediation Rules type
- GuardrailsRemediationRunsDefine the 'RemediationRuns' type. Run is single remediation Job execution
- GuardrailsTargetExpressionA Guardrails target expression is used to identify target accounts. This can static
- GuardrailsTemplateGuardrailsTemplate - It is a collection of guardrail states as code including landing zone, preventive guardrails, detective guardrails, all expressed as code.
- GuardrailsWorkerBootstrapInputnull
- GuardrailsWorkerBootstrapResultnull
- GuardrailsWorkerDeleteResultnull
- GuardrailsWorkerGroupnull
- GuardrailsWorkerGroupCloudAccountnull
- GuardrailsWorkerGroupDeleteResultnull
- GuardrailsWorkerGroupFilterInput filter parameter to help filtering the output of guardrails worker group query. If multiple filter objects are specified they are treated as an and.
- GuardrailsWorkerGroupInputnull
- GuardrailsWorkerGroupJobsGuardrails Worker Group jobs type
- GuardrailsWorkerGroupLogTODO need to enhance logs
- GuardrailsWorkerGroupWorkerGuardrails Worker Group Worker Edge Type.
- HubArtifactSbomInfonull
- HubArtifactVulnerabilitynull
- HubPolicyHub policy
- HubPolicyIdInputInput details to delete/disable/enable the policy
- HubPolicyRunPolicy run created after policy evaluation
- Insightnull
- InsightChangeLogEntryInsight change log entry
- InsightConfigurationInsightConfiguration type. InsightConfiguration is aggregated configurations per tenant
- InsightConfigurationInputInput to mutate the InsightConfiguration
- InsightCorrelationRuleInsightCorrelationRule type. InsightCorrelationRule are rules used to correlate Observations and create Insights
- InsightCorrelationRuleInputInput to update, insert or delete existing insight
- InsightDeltaInputInput specifying changes to a specific namespace of an entity
- InsightMutationnull
- InsightNotificationRulenull
- InsightRemediationActionnull
- InsightRemediationRecommendationnull
- InsightRuleBase Interface for insight rules
- InsightRuleQueryInsight Rule queries
- KubernetesCapabilityRepresents a capability which is a list of GVKs (CRDs) and is either provided or required by a package. This node is an entry from the cartesian product of capabilities and packages.
- KubernetesCapabilityInstallRepresents a specific installation of a capability.
- KubernetesDeletePackageInstallInputnull
- KubernetesKindAgentTargetnull
- KubernetesKindAvailabilityTargetAvailabilityTarget is the Schema for the availabilitytargets API
- KubernetesKindBindableResourceDefinition of a bindable resource
- KubernetesKindBuildConfigurationBuildConfiguration is the Schema for the buildconfiguaration API
- KubernetesKindCertificateProviderCertificateProvider is the Schema for the certificateproviders API
- KubernetesKindClassClaimClassClaim is the Schema for the classclaims API
- KubernetesKindClusterGroupClusterGroup is the schema for the ClusterGroup API
- KubernetesKindClusterRoleClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
- KubernetesKindClusterRoleBindingClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.
- KubernetesKindClusterSyncResourceSetSyncResourceSet is the Schema for the ClusterSyncResourceSets API
- KubernetesKindConfigMapConfigMap holds configuration data for pods to consume.
- KubernetesKindContainerAppContainerApp is the Schema for the containerapps API
- KubernetesKindContainerAppBuildPlanContainerAppBuildPlan is the Schema for the containerappbuildplan API
- KubernetesKindCredentialCredential is the Schema for the credentials API
- KubernetesKindDNSProvidernull
- KubernetesKindDomainnull
- KubernetesKindDomainBindingDomainBinding CRD defines the connection between a Domain and a Space
- KubernetesKindEgressPointEgressPoint is the Schema for the egresspoints API
- KubernetesKindEKSClusterEKSCluster is the Schema for the EKSCluster API
- KubernetesKindEKSNodepoolEKSNodepool is the Schema for the EKSNodepool API
- KubernetesKindEKSOptionEKSOption is the Schema for the EKSOption API
- KubernetesKindEventEvent is a report of an event somewhere in the cluster.
- KubernetesKindEvictionEviction evicts a managed namespace from its scheduled cluster subject to space disruption budget
- KubernetesKindHealthProbeHealthProbe is the Schema for the HealthProbe API
- KubernetesKindHTTPRouteHTTPRoute provides a way to route HTTP requests. This includes the capability to match requests by hostname, path, header, or query param. Filters can be used to specify additional processing steps. Backends specify where matching requests should be routed.
- KubernetesKindKubernetesClusterKubernetesCluster is the Schema for the KubernetesCluster API
- KubernetesKindLimitRangeLimitRange sets resource usage limits for each kind of resource in a Namespace.
- KubernetesKindManagedNamespaceManagedNamespace is the Schema for the managednamespaces API
- KubernetesKindManagedNamespaceSetManagedNamespaceSet is the Schema for the managednamespacesets API
- KubernetesKindNamespaceNamespace provides a scope for Names. Use of multiple namespaces is optional.
- KubernetesKindNetworkNeighborSetNetworkNeighborSet is the Schema for the networkneighborsets API
- KubernetesKindPackagenull
- KubernetesKindPackageInstallA Package Install is an actual installation of a package and its underlying resources on a Kubernetes cluster. It is represented in kapp-controller by a PackageInstall CR. A PackageInstall CR must reference a Package CR.
- KubernetesKindPackageMetadatanull
- KubernetesKindPackageRepositoryA package repository is a collection of packages and their metadata. Similar to a maven repository or a rpm repository, adding a package repository to a cluster gives users of that cluster the ability to install any of the packages from that repository.
- KubernetesKindPodSecurityPolicyPodSecurityPolicy is the Schema for the PodSecurityPolicy API.
- KubernetesKindPreProvisionedServiceDescribes a pre-provisioned service instance
- KubernetesKindProfilenull
- KubernetesKindProjectnull
- KubernetesKindRoleRole is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
- KubernetesKindRoleBindingRoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.
- KubernetesKindSecretSecret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.
- KubernetesKindSecretExportnull
- KubernetesKindServiceAccountServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets
- KubernetesKindServiceBindingServiceBinding is the Schema for the servicebindings API
- KubernetesKindSpaceSpace is the Schema for the spaces API
- KubernetesKindSpaceDisruptionBudgetSpaceDisruptionBudget is the Schema for the spacedisruptionbudget API
- KubernetesKindSpaceOutputSpaceOutput is the Schema for the spaceoutputs API
- KubernetesKindSpringCloudGatewayMappingnull
- KubernetesKindSpringCloudGatewayRouteConfignull
- KubernetesKindSyncResourceSetSyncResourceSet is the Schema for the SyncResourceSets API
- KubernetesKindTraitnull
- KubernetesPackageCatalogA catalog represents a collection of installable package definitions.
- KubernetesPackageCatalogItemRepresents a specific versioned release an installable package
- KubernetesResourceGeneric Kubernetes resource
- KubernetesResourceInterfaceApplication Engine Resource Interface
- KubernetesResourceKindDefinition of a resource kind
- KubernetesUpdatePackageInstallInputUpdates installationDescription, version and valueSchemaConfigurationYaml props. - Pass current value to keep it unmodified. - Pass 'null' value to clear it.
- LogRecordnull
- LogSchemanull
- ManagementEndpointA management endpoint is an abstraction of the place to which to connect to monitor/manage a system. In the public cloud world this can be considered as an "account" (AWS), "subscription" (Azure), or "project" (GCP). In the on-prem vCenter / VMX world a management endpoint can refer to a vCenter or NSX-Manager instance and its URL. In order to support other management endpoints in the future, the management endpoint is considered a point through which a system, with its discovered entities, can be monitored and/or managed.
- ManagementEndpointCollectorManagementEndpointCollector represents collector metadata for various kinds of collectors, Kubernetes is the supported collector type currently.
- ManagementEndpointCollectorQueryFilternull
- ManagementEndpointCredentialCredential - holds credential information that can be used to access one or more cloud accounts.
- ManagementEndpointCredentialBrokerManagement Endpoint Credential Broker represents credential broker deployment and it's metadata.
- ManagementEndpointCredentialMappingnull
- ManagementEndpointCredentialMappingInputnull
- ManagementEndpointCredentialsInputCredential - holds credential information that can be used to access one or more cloud accounts.
- ManagementEndpointCredentialUsageNodeManagement endpoint credential usage information
- ManagementEndpointDeployToCloudProxyAgentInputnull
- ManagementEndpointDeployToCloudProxyAgentResponsenull
- ManagementEndpointDiscoveredNodeDiscovered node represents a node in the organisation structure discovered for a root account. A node can either represent an account group or an actual account. The differentiation between account group and account can be made on the basis of entity type.
- ManagementEndpointInputA management endpoint is an abstraction of the place to which to connect to monitor/manage a system. In the public cloud world this can be considered as an "account" (AWS), "subscription" (Azure), or "project" (GCP). In the on-prem vCenter / VMX world a management endpoint can refer to a vCenter or NSX-Manager instance and its URL. In order to support other management endpoints in the future, the management endpoint is considered a point through which a system, with its discovered entities, can be monitored and/or managed.
- ManagementEndpointMutationnull
- ManagementEndpointQuerynull
- ManagementEndpointQueryFilter TODO extend filter with other fields, also add and implement for queryManagementEndpoints
- NetworkEntityFlowCountByFlowTypeEntrydescribes an entity to destination flow count
- NodeRelay-compatible interface implemented by all graph nodes that are expected to be cached / re-fetched by their globally unique ID Non-volatile graph nodes are expected to implement the Node interface. Note that not all types implement the Node interface - types such as Connections and Edges, and volatile query response types are typically not expected to be cached on the client side and thus do not implement the Node interface. Please see: [Global Object Identification](https://graphql.org/learn/global-object-identification)
- NodeVersionAn interface indicating that the given type is versioned, and providing an opaque version identifier. Optimistic locking on mutations on the given type can be performed by providing the `nodeVersion` field in the input type. If the `nodeVersion` field passed in the mutation input does not match the current node's `nodeVersion` field then the mutation should be rejected, since there has been a version change on the server since the last time that the mutation client read the node. Note that implementing `NodeVersion` does not require the `Node` interface to be implemented.
- NotificationRulenull
- NotificationTargetDescribes a notification target
- NotificationTargetTypeDescribes a notification target type
- ObservabilityAlertObservability Alert to trigger Alerts on metrics/logs
- ObservabilityAlertNotificationRulenull
- ObservabilityLogAlertObservability Log Alert to trigger Alerts on logs
- ObservabilityLogAlertUpdateInputObservability Log Alert provider create input.
- ObservabilityMetricAlertObservability Metric Alert to trigger Alerts on metrics
- ObservabilityMetricAlertUpdateInputObservability Metric Alert provider update input
- ObservabilityRunbookTroubleshooting steps for an observability alert
- ObservationA point-in-time observation about the state of something in the system which may interest our insight service
- ObservationMappingRuleObservationMappingRule type. ObservationMappingRule specifies how to map an alert from generic source to Observation object, along with paired alert template used to configure external monitor tool webhook. Paired alert template is a convenience to user, API doesn't enforce its presence, because if user has other ways to send alerts, so long as alert content conforms to spec, it can be mapped to Observation.
- ObservationMappingRuleInputInput to update, insert, or delete existing ObservationMappingRule
- ObservationMetricInfoResultnull
- ObservationQueryObservation queries
- ObservationTaggingRuleTaggingRule type. TaggingRules are rules used to add user-defined tags to Observations based on rule conditions.
- ObservationTaggingRuleInputInput to update, insert, or delete existing TaggingRule
- ObservationTagOccurrenceAn entity to keep metadata of a tag
- Repository Represents a repository available for a given repository endpoint Eg. cmbu/guardrails-service
- RepositoryEndpointRepresents an endpoint that can be used access one or more repositories. Eg. gitlab.eng.vmware.com Example providers (gitlab, github). Concrete implementation would also add other details like credentials to this as applicable.
- RepositoryVersionRepresents commit information for a repository. For a git repository this would be commit id
- SecurityAlertnull
- SecurityChangeLognull
- SecurityControlDescribes a security control
- SecurityDeleteInputnull
- SecurityDeleteSuppressionInputnull
- SecurityDownloadReportInputnull
- SecurityDownloadReportResponsenull
- SecurityFindingDescribes a security finding
- SecurityFindingsSourceDescribes a security findings source
- SecurityFindingsSourceMethodInfoDescribes a security Findings Source method
- SecurityFrameworkDescribes a security framework
- SecurityGroupDescribes security group
- SecurityIntegrationDescribes a security integration
- SecurityIntegrationMethodInfoDescribes a security integration method
- SecurityMutationMutate security subsystem
- SecurityPatchAlertInputnull
- SecurityPatchControlInputnull
- SecurityPatchFindingsSourceInputnull
- SecurityPatchFrameworkInputnull
- SecurityPatchGroupInputnull
- SecurityPatchIntegrationInputnull
- SecurityPatchReportConfigurationInputnull
- SecurityPatchRuleInputnull
- SecurityPatchSuppressionInputnull
- SecurityPolicyImpactedEntityRelationshipnull
- SecurityReportReport metadata.
- SecurityReportConfigurationReport Configuration.
- SecurityRulenull
- SecuritySuppressionDescribe a security suppression
- SecuritySuppressionsTemplateDescribe a security suppression template
- SecurityUpdateAlertInputnull
- SecurityUpdateControlInputnull
- SecurityUpdateFrameworkInputnull
- SecurityUpdateGroupInputnull
- SecurityUpdateReportConfigurationInputnull
- SecurityUpdateSuppressionInputnull
- SecurityUpsertFindingsSourceInputnull
- SecurityUpsertIntegrationInputnull
- SecurityUpsertRuleInputnull
- SecurityUpsertSuppressionInputnull
- SpringArtifactAssessmentAssessment is systematically evaluating and appraising a Spring or non-spring Artifacts/GIT Repository. This comprehensive analysis aims to derive valuable insights, findings, and recommendations, ultimately resulting in a detailed report that focuses on specific aspects of the Tanzu Hub product.
- SpringArtifactMetadataThis represents meta data for an Spring artifact. This meta data will be enriched by different assessments, where each assessment will add some information to the metadata
- SpringArtifactMetadataVersionSpring Artifact Metadata version
- SpringArtifactRecommendationAssessment recommendations based on the Artifact Metadata, contributing to other tanzu hub products upsell."
- SpringArtifactRepositoryRepository can be a git repository or just folder structure where source code is present. User will be generating the SBOM or library libraryDependency file from the source code repository.
- SpringArtifactRepositoryEndpointRepresents an endpoint that can be used access one or more repositories. Eg. gitlab.eng.vmware.com As of now we are only supporting PRIVATE repositories, so there is no need to configure credentials in SAAS. PUBLIC will be supported in next phase
- SpringArtifactRepositoryVersionSpring Artifact Repository commit information capturing repository snapshot
- SpringArtifactSBOMRepresents a software bundle or unit. This is a hierarchical structure where one package may have other packages as dependencies.
- SpringArtifactVulnerabilityRepresents a software vulnerability that can be exploited
- SpringPolicySpring policy
- TacCatalogA catalog resource represents a set of curated applications available for installation through Tanzu Application Catalog (TAC) for a given organization. Most resources extends graphql built-in Node type because they represent a persisted object in the TAC domain storage.
- TacCatalogItemRepresents a specific versioned release an installable package available through VMware Application Catalog. For example, version "6.1.0", revision 7 Also known as "Product" in TAC terminology
- TanzuHubPolicyHub policy
- TanzuHubPolicyEditInputPolicy input for editing
- TanzuHubPolicyRunPolicy run created after policy evaluation
- TanzuHubPolicyUpdateFailurenull
- UserUser type. Users are defined in CSP and this type has fields from CSP together with additional semantics from Ensemble
- UserInterestScore Represent User's Interest Score in a entity
- _CatalogFederatednull
- _CatalogItemFederatednull
- _NotificationRulePrivatenull
- _NotificationTargetPrivatenull
- _NotificationTargetTypePrivatenull