INTERFACE
Node
Relay-compatible interface implemented by all graph nodes that are expected to be cached / re-fetched by their globally unique ID Non-volatile graph nodes are expected to implement the Node interface. Note that not all types implement the Node interface - types such as Connections and Edges, and volatile query response types are typically not expected to be cached on the client side and thus do not implement the Node interface.
Please see: Global Object Identification
link Require by
- ActionDefinitionnull
- ActionRequestnull
- AriaNotificationTargetDescribes a notification target for Aria
- AriaNotificationTargetTypeDescribes a notification target type for Aria
- ArtifactAssessmentAn analysis done on an artifact is an assessment. An assessment is an operational data that captures user/project visibility information. Domain specific implementation may add to this as appropriate.
- ArtifactAssessmentRecommendationAn assessment may lead to one or more recommendations contributing to other tanzu hub products upsell.
- ArtifactMetadataArtifactMetadata is a container for additional information about an artifact. An artifact represents the files/images used to deploy a runnable resource whether that be an application, container or VM, not the actual running resource. As of now we support ArtifactSBOMInfo as metadata. Domain specific implementation may add more metadata as appropriate
- ArtifactMetadataVersionRepresents version of an artifact metadata. Each version of metadata may have different SBOM (Or any other future metadata) information.
- ArtifactSBOMRepresents a software bundle or unit. This is a hierarchical structure where one package may have other packages as dependencies.
- ArtifactVulnerabilityRepresents a software vulnerability that can potentially be exploited
- ArtifactVulnerabilityEntityDetailsDetails of how a vulnerability affects an Entity
- ArtifactVulnerabilityEntityRelationshipRelationship between a ArtifactVulnerability and Entities
- AuditEventType defining common audit event schema for a mutation
- AuthContextnull
- AuthPermissionnull
- AuthRolenull
- AuthRoleBindingnull
- AuthScopenull
- BuildRunA build run resource represents a single request to build an application
- BuildRunStepA build run log represents a single step in the build process
- CatalogA catalog resource represents a collection of software artifacts
- CatalogItemnull
- ConnectionEdgeRelay-compatible Edge interface. Please see: [GraphQL Cursor Connections Specification](https://relay.dev/graphql/connections.htm)
- ConversationalEventStreamnull
- ConversationalPromptnull
- ConversationalSessionnull
- ConversationalStreamEventThe payload depends on stream's payloadType and can represent for instance graphQL query, graphQL query response, graphql response summary etc
- Dashboardnull
- DashboardDefaultnull
- Document Federation via Document Query
- EntityPrimary Entity type in the graph, implementing the individual EntityNode interface and with additional fields permitting traversals to other entities in the entity topology and to access other graph nodes with information related to the entity.
- EntityChangeLogEntrynull
- EntityNodeBare Entity type, implementing the individual EntityNode interface, but without the ability to traverse to other Entities or other graph nodes containing information about the Entity. This type may be used in situations such as notifications where it is not possible to navigate the graph from the Entity information.
- EntityNodeInterface ==================== File contents from entity.graphqls
- EntityRelationshipA typed relationship between two Entity instances
- EntityRelationshipNodenull
- EntityRelationshipNodeInterfacenull
- EntitySchema ==================== File contents from entity_schema.graphqls
- EventGroupRecordnull
- EventRecordnull
- EventsNotificationRulenull
- ExceptionGroupRecordnull
- ExceptionRecordnull
- FindingDescribes a Finding
- FindingNotificationRulenull
- FindingNotificationTargetDescribes a Notification Target
- FindingNotificationTargetTypeDescribes a Finding Target Type method
- FindingReportReport metadata.
- FindingReportConfigurationReport Configuration.
- FindingSuppressionDescribe a finding suppression
- FindingSuppressionTemplateDescribe a finding suppression template
- FinOpsAwsAccountDetails of an AWS Account. For m1b milestone we will have this type "FinOpsAwsAccount" untill TanzuHub AWS accounts are synced to Hub. Once accounts are synced to Hub, this will be replaced with ManagementEndpoint
- FinOpsAzureSubscriptionDetails of an Azure Subscription. We will have this type "FinOpsAzureSubscription" until Cost Azure accounts are synced to Hub. Once accounts are synced to Hub, this will be replaced with ManagementEndpoint
- FinOpsCloudCostSmartSummaryEventA Cloud Cost Smart Summary event object
- FinOpsCostAnomalyCost anomaly metadata.
- FinOpsCostAnomalyFeedbackUser feedback for the anomaly.
- FinOpsDatasetSchemanull
- FinOpsDatasetSummarynull
- FinOpsRightsizingRecommendationDetails of Rightsizing recommendation
- FinOpsSpendBasedDiscountOpportunitynull
- FinOpsUsageBasedDiscountOpportunitynull
- GuardrailsAccountStateGuardrails representation for an account state. All top level fields like name, description, accountStateType, accountStateProvider will be removed in future and will be coming from ManagementEndpoint. JIRA for the same VRAE-35809.
- GuardrailsDesiredStateIt is a combination of a guardrail template with required input parameters as well as the credentials metadata required to create infrastructure and enforce policies on the same. Guardrails DesiredState can be run on-demand, or on a pre-defined schedule, or in response to an event
- GuardrailsDesiredStateRunGuardrailsDesiredStateRun - It is a point-in-time instance of guardrails desired state run.
- GuardrailsDesiredStateRunResponseencapsulation of one or more runs resulting from a desired state being run
- GuardrailsEnforcedStateRepresents state that is enforced
- GuardrailsRemediationActionAction is a definition of which remediation Job is run when certain criteria are met
- GuardrailsRemediationCriteriaCriterion defines a single condition a finding should met to trigger a remediation Job
- GuardrailsRemediationRuleGuardrails Remediation Rules type
- GuardrailsRemediationRunsDefine the 'RemediationRuns' type. Run is single remediation Job execution
- GuardrailsTargetExpressionA Guardrails target expression is used to identify target accounts. This can static
- GuardrailsTemplateGuardrailsTemplate - It is a collection of guardrail states as code including landing zone, preventive guardrails, detective guardrails, all expressed as code.
- GuardrailsWorkerGroupnull
- GuardrailsWorkerGroupCloudAccountnull
- GuardrailsWorkerGroupJobsGuardrails Worker Group jobs type
- GuardrailsWorkerGroupLogTODO need to enhance logs
- GuardrailsWorkerGroupWorkerGuardrails Worker Group Worker Edge Type.
- HubArtifactSbomInfonull
- HubArtifactVulnerabilitynull
- HubPolicyHub policy
- HubPolicyRunPolicy run created after policy evaluation
- Insightnull
- InsightChangeLogEntryInsight change log entry
- InsightConfigurationInsightConfiguration type. InsightConfiguration is aggregated configurations per tenant
- InsightCorrelationRuleInsightCorrelationRule type. InsightCorrelationRule are rules used to correlate Observations and create Insights
- InsightNotificationRulenull
- InsightRuleBase Interface for insight rules
- KubernetesCapabilityRepresents a capability which is a list of GVKs (CRDs) and is either provided or required by a package. This node is an entry from the cartesian product of capabilities and packages.
- KubernetesCapabilityInstallRepresents a specific installation of a capability.
- KubernetesKindAgentTargetnull
- KubernetesKindAvailabilityTargetAvailabilityTarget is the Schema for the availabilitytargets API
- KubernetesKindBindableResourceDefinition of a bindable resource
- KubernetesKindBuildConfigurationBuildConfiguration is the Schema for the buildconfiguaration API
- KubernetesKindCertificateProviderCertificateProvider is the Schema for the certificateproviders API
- KubernetesKindClassClaimClassClaim is the Schema for the classclaims API
- KubernetesKindClusterGroupClusterGroup is the schema for the ClusterGroup API
- KubernetesKindClusterRoleClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
- KubernetesKindClusterRoleBindingClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.
- KubernetesKindClusterSyncResourceSetSyncResourceSet is the Schema for the ClusterSyncResourceSets API
- KubernetesKindConfigMapConfigMap holds configuration data for pods to consume.
- KubernetesKindContainerAppContainerApp is the Schema for the containerapps API
- KubernetesKindContainerAppBuildPlanContainerAppBuildPlan is the Schema for the containerappbuildplan API
- KubernetesKindCredentialCredential is the Schema for the credentials API
- KubernetesKindDNSProvidernull
- KubernetesKindDomainnull
- KubernetesKindDomainBindingDomainBinding CRD defines the connection between a Domain and a Space
- KubernetesKindEgressPointEgressPoint is the Schema for the egresspoints API
- KubernetesKindEKSClusterEKSCluster is the Schema for the EKSCluster API
- KubernetesKindEKSNodepoolEKSNodepool is the Schema for the EKSNodepool API
- KubernetesKindEKSOptionEKSOption is the Schema for the EKSOption API
- KubernetesKindEventEvent is a report of an event somewhere in the cluster.
- KubernetesKindEvictionEviction evicts a managed namespace from its scheduled cluster subject to space disruption budget
- KubernetesKindHealthProbeHealthProbe is the Schema for the HealthProbe API
- KubernetesKindHTTPRouteHTTPRoute provides a way to route HTTP requests. This includes the capability to match requests by hostname, path, header, or query param. Filters can be used to specify additional processing steps. Backends specify where matching requests should be routed.
- KubernetesKindKubernetesClusterKubernetesCluster is the Schema for the KubernetesCluster API
- KubernetesKindLimitRangeLimitRange sets resource usage limits for each kind of resource in a Namespace.
- KubernetesKindManagedNamespaceManagedNamespace is the Schema for the managednamespaces API
- KubernetesKindManagedNamespaceSetManagedNamespaceSet is the Schema for the managednamespacesets API
- KubernetesKindNamespaceNamespace provides a scope for Names. Use of multiple namespaces is optional.
- KubernetesKindNetworkNeighborSetNetworkNeighborSet is the Schema for the networkneighborsets API
- KubernetesKindPackagenull
- KubernetesKindPackageInstallA Package Install is an actual installation of a package and its underlying resources on a Kubernetes cluster. It is represented in kapp-controller by a PackageInstall CR. A PackageInstall CR must reference a Package CR.
- KubernetesKindPackageMetadatanull
- KubernetesKindPackageRepositoryA package repository is a collection of packages and their metadata. Similar to a maven repository or a rpm repository, adding a package repository to a cluster gives users of that cluster the ability to install any of the packages from that repository.
- KubernetesKindPodSecurityPolicyPodSecurityPolicy is the Schema for the PodSecurityPolicy API.
- KubernetesKindPreProvisionedServiceDescribes a pre-provisioned service instance
- KubernetesKindProfilenull
- KubernetesKindProjectnull
- KubernetesKindRoleRole is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
- KubernetesKindRoleBindingRoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.
- KubernetesKindSecretSecret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.
- KubernetesKindSecretExportnull
- KubernetesKindServiceAccountServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets
- KubernetesKindServiceBindingServiceBinding is the Schema for the servicebindings API
- KubernetesKindSpaceSpace is the Schema for the spaces API
- KubernetesKindSpaceDisruptionBudgetSpaceDisruptionBudget is the Schema for the spacedisruptionbudget API
- KubernetesKindSpaceOutputSpaceOutput is the Schema for the spaceoutputs API
- KubernetesKindSpringCloudGatewayMappingnull
- KubernetesKindSpringCloudGatewayRouteConfignull
- KubernetesKindSyncResourceSetSyncResourceSet is the Schema for the SyncResourceSets API
- KubernetesKindTraitnull
- KubernetesPackageCatalogA catalog represents a collection of installable package definitions.
- KubernetesPackageCatalogItemRepresents a specific versioned release an installable package
- KubernetesResourceGeneric Kubernetes resource
- KubernetesResourceInterfaceApplication Engine Resource Interface
- KubernetesResourceKindDefinition of a resource kind
- LogRecordnull
- LogSchemanull
- ManagementEndpointA management endpoint is an abstraction of the place to which to connect to monitor/manage a system. In the public cloud world this can be considered as an "account" (AWS), "subscription" (Azure), or "project" (GCP). In the on-prem vCenter / VMX world a management endpoint can refer to a vCenter or NSX-Manager instance and its URL. In order to support other management endpoints in the future, the management endpoint is considered a point through which a system, with its discovered entities, can be monitored and/or managed.
- ManagementEndpointCollectorManagementEndpointCollector represents collector metadata for various kinds of collectors, Kubernetes is the supported collector type currently.
- ManagementEndpointCredentialCredential - holds credential information that can be used to access one or more cloud accounts.
- ManagementEndpointCredentialBrokerManagement Endpoint Credential Broker represents credential broker deployment and it's metadata.
- ManagementEndpointCredentialUsageNodeManagement endpoint credential usage information
- ManagementEndpointDiscoveredNodeDiscovered node represents a node in the organisation structure discovered for a root account. A node can either represent an account group or an actual account. The differentiation between account group and account can be made on the basis of entity type.
- NetworkEntityFlowCountByFlowTypeEntrydescribes an entity to destination flow count
- NotificationRulenull
- NotificationTargetDescribes a notification target
- NotificationTargetTypeDescribes a notification target type
- ObservabilityAlertObservability Alert to trigger Alerts on metrics/logs
- ObservabilityAlertNotificationRulenull
- ObservabilityLogAlertObservability Log Alert to trigger Alerts on logs
- ObservabilityMetricAlertObservability Metric Alert to trigger Alerts on metrics
- ObservabilityRunbookTroubleshooting steps for an observability alert
- ObservationA point-in-time observation about the state of something in the system which may interest our insight service
- ObservationMappingRuleObservationMappingRule type. ObservationMappingRule specifies how to map an alert from generic source to Observation object, along with paired alert template used to configure external monitor tool webhook. Paired alert template is a convenience to user, API doesn't enforce its presence, because if user has other ways to send alerts, so long as alert content conforms to spec, it can be mapped to Observation.
- ObservationTaggingRuleTaggingRule type. TaggingRules are rules used to add user-defined tags to Observations based on rule conditions.
- ObservationTagOccurrenceAn entity to keep metadata of a tag
- Repository Represents a repository available for a given repository endpoint Eg. cmbu/guardrails-service
- RepositoryEndpointRepresents an endpoint that can be used access one or more repositories. Eg. gitlab.eng.vmware.com Example providers (gitlab, github). Concrete implementation would also add other details like credentials to this as applicable.
- RepositoryVersionRepresents commit information for a repository. For a git repository this would be commit id
- SecurityAlertnull
- SecurityChangeLognull
- SecurityControlDescribes a security control
- SecurityFindingDescribes a security finding
- SecurityFindingsSourceDescribes a security findings source
- SecurityFindingsSourceMethodInfoDescribes a security Findings Source method
- SecurityFrameworkDescribes a security framework
- SecurityGroupDescribes security group
- SecurityIntegrationDescribes a security integration
- SecurityIntegrationMethodInfoDescribes a security integration method
- SecurityPolicyImpactedEntityRelationshipnull
- SecurityReportReport metadata.
- SecurityReportConfigurationReport Configuration.
- SecurityRulenull
- SecuritySuppressionDescribe a security suppression
- SecuritySuppressionsTemplateDescribe a security suppression template
- SpringArtifactAssessmentAssessment is systematically evaluating and appraising a Spring or non-spring Artifacts/GIT Repository. This comprehensive analysis aims to derive valuable insights, findings, and recommendations, ultimately resulting in a detailed report that focuses on specific aspects of the Tanzu Hub product.
- SpringArtifactMetadataThis represents meta data for an Spring artifact. This meta data will be enriched by different assessments, where each assessment will add some information to the metadata
- SpringArtifactMetadataVersionSpring Artifact Metadata version
- SpringArtifactRecommendationAssessment recommendations based on the Artifact Metadata, contributing to other tanzu hub products upsell."
- SpringArtifactRepositoryRepository can be a git repository or just folder structure where source code is present. User will be generating the SBOM or library libraryDependency file from the source code repository.
- SpringArtifactRepositoryEndpointRepresents an endpoint that can be used access one or more repositories. Eg. gitlab.eng.vmware.com As of now we are only supporting PRIVATE repositories, so there is no need to configure credentials in SAAS. PUBLIC will be supported in next phase
- SpringArtifactRepositoryVersionSpring Artifact Repository commit information capturing repository snapshot
- SpringArtifactSBOMRepresents a software bundle or unit. This is a hierarchical structure where one package may have other packages as dependencies.
- SpringArtifactVulnerabilityRepresents a software vulnerability that can be exploited
- SpringPolicySpring policy
- TacCatalogA catalog resource represents a set of curated applications available for installation through Tanzu Application Catalog (TAC) for a given organization. Most resources extends graphql built-in Node type because they represent a persisted object in the TAC domain storage.
- TacCatalogItemRepresents a specific versioned release an installable package available through VMware Application Catalog. For example, version "6.1.0", revision 7 Also known as "Product" in TAC terminology
- TanzuHubPolicyHub policy
- TanzuHubPolicyRunPolicy run created after policy evaluation
- UserUser type. Users are defined in CSP and this type has fields from CSP together with additional semantics from Ensemble
- UserInterestScore Represent User's Interest Score in a entity
- _CatalogFederatednull
- _CatalogItemFederatednull
- _NotificationRulePrivatenull
- _NotificationTargetPrivatenull
- _NotificationTargetTypePrivatenull