
1145 lines
35 KiB
Raw Normal View History

enum AffinityRuleType {
input AffinityRule {
key: String
type: AffinityRuleType
value: String
type MantaLocation {
manta_url: String
image_path: String
manifest_path: String
# todo: get source for this
enum NicState {
# Logical networks are used both on head nodes and compute nodes, and are associated with physical interfaces by using a system called NIC Tags
type NIC {
# NIC's IPv4 address
ip: String
# NIC's MAC address
mac: String
# Whether this is the instance's primary NIC
primary: Boolean
# IPv4 netmask
netmask: String
# IPv4 gateway
gateway: String
# Describes the state of the NIC (e.g. provisioning, running, or stopped)
state: NicState
# The NIC's network id
network: Network
# Logical networks in Triton model core network configurations to enable Triton to define Virtual Network Interfaces and IP addresses for instances
type Network {
# Unique id for this network
id: ID
# The network name
name: String
# Whether this a public or private (rfc1918) network'
public: Boolean
# Whether this network is created on a fabric'
fabric: Boolean
# Description of this network
description: String
# A CIDR formatted string that describes the network'
subnet: String
# The first IP on the network that may be assigned'
provision_start_ip: String
# The last IP on the network that may be assigned'
provision_end_ip: String
# Optional Gateway IP address'
gateway: String
# Optional Resolver IP addresses'
resolvers: [String]
# Optional Static routes for hosts on this network'
routes: [KeyValue]
# Provision internet NAT zone on gateway address',
internet_nat: Boolean
type VLAN {
# A number from 0-4095 that indicates the VLAN's id
id: ID
# A unique name to identify the VLAN
name: String
# An optional description of the VLAN
description: String
type FirewallRule {
# Unique identifier for this rule
id: ID
# Indicates if the rule is enabled
enabled: Boolean
# Firewall rule
rule: String
# Indicates if the rule is global
global: Boolean
# Human-readable description for the rule
description: String
# Lists all instances a firewall rule is applied to
machines: [Machine]
enum CallerType {
type Caller {
# Authentication type for the action request
type: CallerType
# When the authentication type is BASIC, this member will be present and include user login
user: String
# When the authentication type is BASIC, this member will be present and include user login
ip: String
# When authentication type is either SIGNATURE or TOKEN, SSH key identifier
keyId: String
type Action {
# The name of the action
name: String
# The original set of parameters sent when the action was requested
parameters: [KeyValue]
# `true` or `false`, depending on the action's success
success: Boolean
# Account requesting the action
caller: Caller
# When the action finished
time: String
enum SnapshotState {
type Snapshot {
# The name of this snapshot
name: ID
# The current state of the snapshot
state: SnapshotState
enum MachineState {
# An image contains the software packages that will be available on newly-provisioned instance. In the case of hardware virtual machines, the image also includes the operating system
type Machine {
# Unique id for this instance'
id: ID
# The "friendly" name for this instance'
name: String
# The type of instance (e.g. lx)'
brand: Brand
# The current state of this instance (e.g. running)'
state: MachineState
# The image id this instance was provisioned with'
image: Image
# The amount of RAM this instance has (in MiB)'
memory: Int
# The amount of disk this instance has (in MiB)'
disk: Int
# Any additional metadata this instance has',
# Name of metadata value to retrieve
name: String
): [KeyValue]
# The complete set of tags associated with this machine
# Name of tag value to retrieve
name: String
): [KeyValue]
# When this instance was created
created: String
# When this instance's details was last updated
updated: String
# Whether this instance is a Docker container, if present
docker: Boolean
# The IP addresses this instance has
ips: [String]
# The networks of the nics this instance has
networks: [Network]
# IP address of the primary nic of this instance
primary_ip: String
# Whether firewall rules are enforced on this instance
firewall_enabled: Boolean
# List of FirewallRules affecting this machine
# Unique identifier for this rule
id: ID
): [FirewallRule]
# UUID of the server on which the instance is located
compute_node: ID
# The id or name of the package used to create this instance
package: Package
# The snapshots based on this instance
# Snapshot name
name: String
): [Snapshot]
# Provides a list of an instance's accomplished actions. Results are sorted from newest to oldest action
actions: [Action]
type Package {
# Unique id for this package
id: ID
# The "friendly" name for this package
name: String
# How much memory will by available (in MiB)
memory: Int
# How much disk space will be available (in MiB)
disk: Int
# How much swap space will be available (in MiB)
swap: Int
# Maximum number of light-weight processes (threads) allowed
lwps: Int
# Number of vCPUs for this package
vcpus: Int
# The version of this package
version: String
# The group this package belongs to
group: String
# A human-friendly description about this package
description: String
enum ImageErrorCode {
# This typically means that the target KVM VM (e.g. Linux) has old guest
# tools that pre-date the image creation feature. Guest tools can be upgraded
# with installers at Other
# possibilities are: a boot time greater than the 5 minute timeout or a bug
# or crash in the image preparation script.
# Origin image data could not be found for the VM. Either the link to the image from which the VM was created has been broken (e.g. via 'zfs promote' or migration, see SYSOPS-6491) or there is some problem in either the 'image_uuid' value from vmadm get or in imgadm's DB of manifest info for that image.
# Indicates an error due to functionality that isn't currently supported. One example is that custom image creation of a VM based on a custom image isn't currently supported.
# An object providing details on failure of some asynchronous image action. Currently this is used during CreateImageFromVm. It is only present with state == 'failed'
type ImageError {
code: ImageErrorCode
# A short description of the image creation failure
message: String
# The current state of the image
enum ImageState {
# The image is ready for use, i.e. VMs can be provisioned using this image.
# The image has not yet been activated. See ActivateImage.
# The image is disabled. This will be the state if the image is activated, but also disabled == true. See EnableImage and DisableImage.
# A state for a placeholder image while an image is being asynchronously created. This is used during CreateImageFromVm.
# A state for a placeholder image indicating that asynchronous image creation failed. See the error field for details.
# The type of file compression used by an image file
enum ImageFileCompression {
type ImageFile {
# SHA-1 hex digest of the file content. Used for upload/download corruption checking.
sha1: ID
# Number of bytes. Maximum 20GiB. This maximum is meant to be a "you'll never hit it" cap, the purpose is to inform cache handling in IMGAPI servers.
size: Int
# The type of file compression used by the file. One of 'bzip2', 'gzip', 'none'.
compression: ImageFileCompression
# Optional. The ZFS internal unique identifier for this dataset's snapshot (available via zfs get guid SNAPSHOT, e.g. zfs get guid zones/f669428c-a939-11e2-a485-b790efc0f0c1@final). If available, this is used to ensure a common base snapshot for incremental images (via imgadm create -i) and VM migrations (via vmadm send/receive).
dataset_guid: ID
# Only included if ?inclAdminFields=true is passed to GetImage/ListImages. The IMGAPI storage type used to store this file.
stor: String
# Brands are related to the type of virtualization used among other factors
enum Brand {
# A grouping of various requirements for provisioning a VM with this image
type ImageRequirements {
# An array describing the minimum number of network interfaces
networks: [Network]
# Defines the SmartOS "brand" that is required to provision with this image
brand: Brand
# A boolean indicating that provisioning with this image requires that an SSH public key be provided
ssh_key: Boolean
# `min_ram` is an integer number of MiB specifying the minimum RAM required to provision this image
min_ram: Int
# `max_ram` is an integer number of MiB specifying the maximum RAM this image may provisioned with
max_ram: Int
# `min_platform` defines the minimum required SmartOS platform on which this image can be used (and hence in SDC on which it will be provisioned)
min_platform: [KeyValue]
# `max_platform` defines the maximum allowed SmartOS platform on which this image can be used (and hence in SDC on which it will be provisioned)
max_platform: [KeyValue]
# The type of the image file
enum ImageType {
# a ZFS dataset used to create a new SmartOS zone
# a dataset used to create a Lx-brand zone
# a KVM virtual machine image
# a Docker image
# an image that serves any other specific purpose
# The operating system of the image file
enum ImageOS {
# SmartOS
# Linux, e.g. CentOS, Ubuntu, etc.
# A Microsoft Windows OS image
# FreeBSD/netBSD
# Illumos
# A catch-all for other operating systems
# An image contains the software packages that will be available on newly-provisioned instance. In the case of hardware virtual machines, the image also includes the operating system
type Image {
# Unique id for this image
id: ID
# The "friendly" name for this image'
name: String
# The underlying operating system for this image'
os: ImageOS
# The version for this image'
version: String
# What kind of image this is. The values differ after v8.0.0+
type: ImageType
# Contains a grouping of various minimum requirements for provisioning an instance with this image. For example "password" indicates that a password must be provided
requirements: ImageRequirements
# The URL for a web page with more detailed information for this image
homepage: String
# An array of image files that make up each image. Currently only a single file per image is supported
files: [ImageFile]
# The time this image has been made publicly available
published_at: String
# The UUID of the user who owns this image
owner: ID
# Indicates if this image is publicly available
public: Boolean
# The current state of the image. One of "active", "unactivated", "disabled", "creating", "failed"
state: ImageState
# An object of key/value pairs that allows clients to categorize images by any given criteria
tags: [KeyValue]
# URL of the End User License Agreement (EULA) for the image
eula: String
# Access Control List. An array of account UUIDs given access to a private image. The field is only relevant to private images
acl: [User]
# If state==FAILED, resulting from CreateImageFromMachine failure, then there may be an error object of the form {"code": "<string error code>", "message": "<string desc>"}
error: ImageError
type Datacenter {
# Location of the datacenter
name: String
url: String
input KeyValueInput {
name: String!
value: String!
type KeyValue {
id: ID!
name: String!
value: String!
# Policies are lists of rules that describe access to resources
type Policy {
# Unique id for this policy
id: ID
# The policy name
name: String
# One or more Aperture sentences applying to the policy
rules: [String]
# A description for this policy
description: String
# Roles are lists of users and policies. Roles describe which users are allowed access according to the policies
type Role {
# Unique id for this role
id: ID
# The role name
name: String
# This account's policies which this role obeys
policies: [Policy]
# This account's user logins this role applies to
members: [User]
# This account's user logins this role applies to by default
default_members: [User]
type Key {
# Name for this key
name: String
# Key fingerprint
fingerprint: String
# Public key in OpenSSH format
value: String
type User {
# Unique id for this user/account
id: ID
# Account/Sub-user login name
login: String
# Email address
email: String
company_name: String
first_name: String @fake(type: firstName)
last_name: String
address: String
postal_code: String
city: String
state: String
country: String
phone: String
# When this user/account was created
created: String
# When this user/account's details was last updated
updated: String
# true if Triton CNS is enabled for account
triton_cns_enabled: Boolean
# lists all public keys we have on record for the specified account user
# name of the key to filter
name: String
): [Key]
type Query {
# Retrieves your account details
account: User
# Lists all public keys we have on record for the specified account
# only retrieve keys from specified username
login: String
# name of the key to filter
name: String
): [Key]
# Retrieves the record for an individual key
# name of the key to retrieve
name: String!
# only retrieve keys from specified username. required for sub-users
login: String
): Key
# Returns a list of an account's user objects
# user id to filter
id: ID
): [User]
# Get one user for an account
# username of user to filter
id: ID!
): User
# Returns an array of account roles
# filter by role `id`
id: ID
# filter by role `name`
name: String
): [Role]
# Get an account role (`:role`) by `id` or `name`
# retrieve role with `id`
id: ID
# retrieve role with `name`
name: String
): Role
# Retrieves a list of account policies
# filter by policy `id`
id: ID
): [Policy]
# Get an account policy (`:policy`) by `id`
# retrieve policy with `id`
id: ID!
): Policy
# Outputs configuration for your account
config: [KeyValue]
# Provides a list of all datacenters this cloud is aware of
datacenters: [Datacenter]
# Provides the URL endpoints for services for this datacenter. It is a mapping of service name to URL endpoint.
services: [KeyValue]
# Provides a list of images available in this datacenter
# The id of this image
id: ID
# The "friendly" name for this image
name: String
# The underlying operating system for this image
os: ImageOS
# The version for this image
version: String
# Filter public/private images
public: Boolean
# Filter on image state. By default only active images are shown. Use ALL to list all images
state: ImageState
# Filter on owner UUID
owner: ID
# Filter on image type
type: ImageType
): [Image]
# Gets an individual image by id
# Unique id of this image
id: ID
): Image
# Provides a list of packages available in this datacenter
# The id of for this package
id: ID
# The "friendly" name for this package
name: String
# How much memory will by available (in MiB)
memory: Int
# How much disk space will be available (in MiB)
disk: Int
# How much swap space will be available (in MiB)
swap: Int
# Maximum number of light-weight processes (threads) allowed
lwps: Int
# Number of vCPUs for this package
vcpus: Int
# The version of this package
version: String
# The group this package belongs to
group: String
): [Package]
# Gets a package by `name` or `id`
# The id of for this package
id: ID
): Package
# Lists all instances we have on record for your account
# The id of for this machine
id: ID
# The type of instance (e.g. lx)
brand: Brand
# Machine name to find (will make your list size 1, or 0 if nothing found)
name: String
# Image id; returns instances provisioned with that image
image: ID
# The current state of the instance (e.g. running)
state: MachineState
# The current size of the RAM deployed for the instance (in MiB)
memory: Int
# Include destroyed and failed instances available in instance history
tombstone: Boolean
# Return a max of N instances; default is 1000 (which is also the maximum allowable result set size)
limit: Int
# Get a limit number of instances starting at this offset
offset: Int
# Whether to only list Docker instances, or only non-Docker instances, if present. Defaults to showing all instances
docker: Boolean
# Whether to include the generated credentials for instances, if present. Defaults to false
credentials: Boolean
# An arbitrary set of tags can be used for querying
tags: [KeyValueInput]
): [Machine]
# Gets the details for an individual instance. Deleted instances are returned only if the instance history has not been purged from Triton
# The id of for this machine
id: ID
): Machine
# Lists all snapshots taken for a given machine
# Snapshot id
name: ID
# Machine id
machine: ID!
): [Snapshot]
# Gets the state of the named snapshot
# Machine id
machine: ID!
# Snapshot name
name: String!
): Snapshot
# Returns the complete set of metadata associated with a given machine
# Machine id
machine: ID!
# Whether or not to return instance credentials. Defaults to false
credentials: Boolean
# Name of metadata value to retrieve
name: String
): [KeyValue]
# Gets the state of the named snapshot
# Machine id
machine: ID!
# Name of metadata value to retrieve
name: String
): KeyValue
# Returns the complete set of tags associated with this machine
# Machine id
machine: ID!
# Name of tag value to retrieve
name: String
): [KeyValue]
# Returns the value for a single tag on this machine
# Machine id
machine: ID!
# Name of tag value to retrieve
name: String
): KeyValue
# Provides a list of an instance's accomplished actions. Results are sorted from newest to oldest action. Note that the complete audit trail is returned only if the instance history and job records have not been purged from Triton.
# Machine id
machine: ID!
): [Action]
# List all firewall rules for the current account
# Arguments
# id:
# machine:
# Unique identifier for this rule
id: ID
# Machine id
machine: ID
): [FirewallRule]
# Retrieves an individual firewall rule
# Unique identifier for this rule
id: ID!
): FirewallRule
# List all vlans for the current account
# Unique identifier for this vlan
id: ID
): [VLAN]
# Retrieves an individual vlan
# Unique identifier for this vlan
id: ID!
# Lists all of the networks. If the vlan parameter is specified, then only fabric networks are returned
id: ID
# VLAN id
vlan: ID
): [Network]
# Retrieves an individual network rule
id: ID!
# VLAN id
vlan: ID
): Network
# List all the NICs on an instance
# Machine id
machine: ID!
# NIC's MAC address
mac: String
): [NIC]
# Gets a specific NIC on an instance
# Machine id
machine: ID!
# NIC's MAC address
mac: String!
): [NIC]
type Mutation {
# Update your account details
# Email address
email: String
companyName: String
firstName: String
lastName: String
address: String
postalCode: String
city: String
state: String
country: String
phone: String
# Enable or disable the Triton CNS
triton_cns_enabled: Boolean
): User
# Uploads a new OpenSSH key to Triton for use in HTTP signing and SSH.
# User id. Use this for sub-user keys
user: ID
# Name for this key
name: String
# OpenSSH formatted public key
fingerprint: String!
): Key
# Deletes a single SSH key, by name or fingerprint
# User id. Use this for sub-user keys
user: ID
# Name for this key
name: String
# OpenSSH formatted public key
fingerprint: String
): Key
# Creates a new user under an account
# Email address
email: String
# Username
login: String
# Password
password: String
companyName: String
firstName: String
lastName: String
address: String
postalCode: String
city: String
state: String
country: String
phone: String
): User
# Update a user's modifiable properties
id: ID!
login: String
email: String
companyName: String
firstName: String
lastName: String
address: String
postalCode: String
city: String
state: String
country: String
phone: String
): User
# This is a separate rule for password changes, so different policies can be used for an user trying to modify other data, or only their own password
id: ID!
password: String
password_confirmation: String
): User
# Remove a user
deleteUser(id: ID!): User
# Create a new role for your account
# The role's name
name: String
# This account's policies to be given to this role
policies: [ID]
# This account's user logins to be added to this role
members: [ID]
# This account's user logins to be added to this role and have it enabled by default
default_members: [ID]
): Role
# Modifies an account role. Anything but id can be modified
# Role id
id: ID!
# The role's name
name: String
# This account's policies to be given to this role
policies: [ID]
# This account's user logins to be added to this role
members: [ID]
# This account's user logins to be added to this role and have it enabled by default
default_members: [ID]
): Role
# Remove a role
# Role id
id: ID!
): Role
# Creates a new account policy
# The policy name
name: String
# One or more Aperture sentences to be added to the current policy
rules: [String]!
# A description for this policy
description: String
): Policy
# Upgrades an existing account policy. Everything but id can be modified.
# Policy id
id: ID!
# The policy name
name: String
# One or more Aperture sentences to be added to the current policy
rules: [String]
# A description for this policy
description: String
): Policy
# Delete an RBAC policy
# Policy id
id: ID!
): Policy
# Updates configuration values for your account
# ID of the network used for provisioning docker containers
default_network: String
): [KeyValue]
# Delete an image. Caller must be the owner of the image to delete it
# Image id
id: ID
): Image
# Exports an image to the specified Manta path. Caller must be the owner of the image, and the correspondent Manta path prefix, in order to export it
# Arguments
# id:
# Manta path prefix used when exporting the image
manta_path: String!
): MantaLocation
# Create a new custom image from an instance
# The prepared and stopped instance UUID from which the image is to be created
machine: ID!
# The name of the custom image, e.g. "my-image"
name: String!
# The version of the custom image, e.g. "1.0.0"
version: String!
# The image description
description: String
# The image homepage
homepage: String
# The image eula
eula: String
# The image acl
acl: String
# The image tags
tags: [KeyValueInput]
): Image
# Create a new custom image from an instance
# Image id
id: ID!
# The name of the custom image, e.g. "my-image"
name: String!
# The version of the custom image, e.g. "1.0.0"
version: String!
# The image description
description: String
# The image homepage
homepage: String
# The image eula
eula: String
# The image acl
acl: String
# The image tags
tags: [KeyValueInput]
): Image
# Allows you to provision an instance.
# If you do not specify a name, CloudAPI will generate a random one for you. If you have enabled Triton CNS on your account, this name will also be used in DNS to refer to the new instance (and must therefore consist of DNS-safe characters only).
# Your instance will initially be not available for login (Triton must provision and boot it); you can poll [GetMachine]( for its status. When the `state` field is equal to `running`, you can log in. If the instance is a `brand` other than `kvm`, you can usually use any of the SSH keys managed under the [keys section]( of CloudAPI to login as any POSIX user on the OS. You can add/remove keys over time, and the instance will automatically work with that set.
# If the the instance has a brand `kvm`, and of a UNIX-derived OS (e.g. Linux), you must have keys uploaded before provisioning; that entire set of keys will be written out to `/root/.ssh/authorized_keys` in the new instance, and you can SSH in using one of those keys. Changing the keys over time under your account will not affect a running hardware virtual machine in any way; those keys are statically written at provisioning-time only, and you will need to manually manage them on the instance itself.
# If the image you create an instance from is set to generate passwords for you, the username/password pairs will be returned in the metadata response as a nested object, like so:
# ```json
# "metadata": {
# "credentials": {
# "root": "s8v9kuht5e",
# "admin": "mf4bteqhpy"
# }
# }
# ```
# You cannot overwrite the `credentials` key in CloudAPI.
# More generally, the metadata keys can be set either at the time of instance creation, or after the fact. You must either pass in plain-string values, or a JSON-encoded string. On metadata retrieval, you will get a JSON object back.
# Networks can be specified using the networks attribute. If it is absent from the input, the instance will default to attaching to one externally-accessible network (it will have one public IP), and one internally-accessible network from the datacenter network pools. It is possible to have an instance attached to only an internal network, or both public and internal, or just external.
# Be aware that CreateMachine does not return IP addresses or networks. To obtain the IP addresses and networks of a newly-provisioned instance, poll [GetMachine]( until the instance state is `running`.
# Typically, Triton will allocate the new instance somewhere reasonable within the cloud. See [affinity rules]( below for options on controlling server placement of new instances.
# When Triton CNS is enabled, the DNS search domain of the new VM will be automatically set to the suffix of the "instance" record that is created for that VM. For example, if the full CNS name of the new VM would be "", its automatic DNS search path would include "". This can be changed later within the instance, if desired.
# Friendly name for this instance; default is the first 8 characters of the machine id. If the name includes the string {{shortId}}, any instances of that tag within the name will be replaced by the first 8 characters of the machine id.
name: String
# Id of the package to use on provisioning, obtained from ListPackages
package: ID
# The image UUID
image: ID
# Desired networks ids
networks: [ID]
# Optional array of affinity rules
affinity: [AffinityRule]
# An arbitrary set of metadata key/value pairs can be set at provision time, but they must be prefixed with "metadata"
metadata: [KeyValueInput]
# An arbitrary set of tags can be set at provision time, but they must be prefixed with "tag"
tag: [KeyValueInput]
# Completely enable or disable firewall for this instance. Default is false
firewall_enabled: Boolean
): Machine
# Allows you to shut down an instance
# Machine id
id: ID!
): Machine
# Allows you to boot up an instance
# Machine id
id: ID!
): Machine
# Allows you to reboot an instance
# Machine id
id: ID!
): Machine
# Resize an instance to a new package
# Resizing is only supported for containers (instances which are not hardware virtual machines -- they have brand=kvm). Hardware virtual machines cannot be resized. Resizing is not guaranteed to work, especially when resizing upwards in resources. It is best-effort, and may fail. Resizing downwards will usually succeed.
# Machine id
id: ID!
# Package id
package: ID!
): Machine
# Allows you to rename an instance
# Machine id
id: ID!
# Package id
name: String!
): Machine
# Allows you to enable the firewall for an instance
# Machine id
id: ID!
): Machine
# Allows you to take a snapshot of an instance. Once you have one or more snapshots, you can boot the instance from a previous snapshot. Snapshots are not usable with other instances; they are a point-in-time snapshot of the current instance. Snapshots can also only be taken of instances that are not of brand 'kvm'.
# Machine id
id: ID!
name: String
): Snapshot
# If an instance is in the 'stopped' state, you can choose to start the instance from the referenced snapshot. This is effectively a means to roll back instance state.
# Machine id
id: ID!
snapshot: ID!
): Machine
# Deletes the specified snapshot of an instance
# Machine id
id: ID!
snapshot: ID!
): Snapshot
# Allows you to update the metadata for a given instance. Note that updating the metadata via CloudAPI will result in the metadata being updated in the running instance. The semantics of this call are subtly different that the AddMachineTags call -- any metadata keys passed in here are created if they do not exist, and overwritten if they do.
# Machine id
id: ID!
# Metadata key value pairs
metadata: [KeyValueInput]
): Machine
# Deletes a single metadata key from this instance
# Machine id
id: ID!
# Metadata key
key: String!
): String
# Deletes all metadata keys from this instance
# Machine id
id: ID!
): String
# Set tags on the given instance. A pre-existing tag with the same name as one given will be overwritten
# Machine id
id: ID!
# key value pairs
tags: [KeyValueInput]!
): Machine
# Fully replace all tags on an instance with the given tags
# Machine id
id: ID!
# key value pairs
tags: [KeyValueInput]!
): Machine
# Deletes a single tag from this instance
# Machine id
id: ID!
# tag key
tags: [KeyValueInput]!
): Machine
# Deletes all tags from an instance
# Machine id
id: ID!
): Machine
# Allows you to completely destroy an instance
# Machine id
id: ID!
): Machine
# Adds a new firewall rule for the specified account. This rule will be added to all the account's instances where it may be necessary
# Indicates if the rule is enabled (optional, false by default)
enabled: Boolean
# Firewall rule text
rule: String!
# Human-readable description for the rule
description: String
): FirewallRule
# Adds a new firewall rule for the specified account. This rule will be added to all the account's instances where it may be necessary
# Firewall rule id
id: ID!
# Indicates if the rule is enabled (false by default)
enabled: Boolean
# Firewall rule text
rule: String
# Human-readable description for the rule
description: String
): FirewallRule
# Enables the given firewall rule if it is disabled
# Firewall rule id
id: ID!
): FirewallRule
# Disables the given firewall rule if it is enabled
# Firewall rule id
id: ID!
): FirewallRule
# Removes the given firewall rule from all the required instances
# Firewall rule id
id: ID!
): FirewallRule
# Creates a new VLAN on the fabric
# A number from 0-4095 that indicates the VLAN's id
id: Int!
# A unique name to identify the VLAN
name: String!
# An optional description of the VLAN
descritpion: String
# Updates a fabric VLAN
# The VLAN id
id: Int!
# A unique name to identify the VLAN
name: String
# An optional description of the VLAN
descritpion: String
# Deletes the specified VLAN. Note there must be no networks on that VLAN in order for the VLAN to be deleted.
# The VLAN id
id: Int!
# Create Fabric network
# The network name; must be unique
name: String!
# Description of this network
description: String
# A CIDR formatted string that describes the network
subnet: String!
# The first IP on the network that may be assigned
provision_start_ip: String
# The last IP on the network that may be assigned
provision_end_ip: String
# Gateway IP address
gateway: String
# Optional resolver IP addresses
resolvers: [String]
# Optional Static routes for hosts on this network
routes: [KeyValueInput]
# Provision internet NAT zone on gateway address, default is true
internet_nat: Boolean
): Network
# Deletes the specified Network. Note that no instances may be provisioned on the Network
# The network id
id: ID
): Network
# Creates a new NIC on an instance belonging to a given account
# *WARNING*: this causes the instance to reboot while adding the NIC
# Machine id
machine: ID!
# ID of network this NIC should attach to
network: ID!
): NIC
# Removes a NIC on an instance belonging to a given account
# *WARNING*: this causes the instance to reboot while removing the NIC
# Machine id
machine: ID
# NIC mac address
mac: String
): NIC
schema {
query: Query
mutation: Mutation