openapi: 3.1.0 info: title: SP Interconnect Manage APIs version: '1.0' description: "These APIs provide the administrative tools necessary to configure and manage the lifecycle of Service Provider (SP) Interconnects \nand virtual VlanAttachments within the management plane. They enable administrators to establish private, secure bridges between Service Providers \nand Prisma Access to bypass public cloud backbones. Use these tools during initial deployment or regional expansion to provision high-capacity physical and virtual links. \nBy submitting specific interconnect requests, you can manage bandwidth allocations and routing parameters to ensure secure, dedicated connectivity for your global infrastructure. This spec was created on February 13, 2026. © 2026 Palo Alto Networks, Inc." paths: /mt/sp-interconnect/interconnects: get: tags: - Interconnect summary: Palo Alto Networks Retrieve All Interconnects description: Access a complete inventory of Service Provider Interconnects configured within the multi-tenant environment. This inventory resides in the management plane and allows administrators to audit existing connectivity across AWS and GCP providers. Use this during system audits or when mapping regional resource availability to verify that backbones align with tenant requirements. Query parameters facilitate targeted searches by including default interconnects or expanding associated tenant data. parameters: - name: includeDefaultInterconnect in: query schema: type: boolean example: false - name: includeTenantsAssociated in: query schema: type: boolean example: false responses: '200': description: Success content: application/json: examples: Get interconnects: value: data: - cloudProvider: GCP id: 1689a56a-9386-40b5-aa9a-0cebad2650d8 name: new-ic partnerEmail: acme@abc.com partnerName: acme permittedActions: [] region: us-west2 regionDisplayName: US Southwest status: INACTIVE tenantActivationCount: 0 tenantType: MT_ROOT tsgId: '1669501385' type: PARTNER usage: SHARED vlanAttachments: - bfdEnabled: false bgpPeerAsn: 9493 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758576695399 edgeAvailability: AVAILABILITY_DOMAIN_2 id: d06a04c9-b6aa-4e40-8722-cfee46fc786c msg: Error getting network from gcp,Not Found name: test-2 permittedActions: - DELETE_CONNECTION stackType: IPV4_ONLY state: CREATE_VLAN_ATTACHMENT_FAILED status: INACTIVE tenantCount: 0 updateTime: 1758576779732 - cloudProvider: GCP id: 9fbb3e68-1760-4447-a8fa-381a28208477 name: sp-auto-pt partnerEmail: sp@example.com partnerName: equinix permittedActions: [] region: europe-southwest1 regionDisplayName: Andorra rootTsgId: '1669501385' status: DELETING tenantActivationCount: 0 tenantId: '1033430256' tenantType: MT_CHILD tsgId: '1021202872' type: PARTNER usage: PER_TENANT requestId: f6d99966-f98e-484d-a4f2-74237eaf79ab Get AWS interconnects: value: data: - cloudProvider: AWS id: 424f9837-68b3-11f0-92e9-4201ac16024e name: aws-ic-east partnerEmail: ops@company.com partnerName: company-ops permittedActions: - DELETE_BACKBONE region: us-east-1 regionDisplayName: US East status: ACTIVE tenantActivationCount: 5 tenantType: MT_ROOT tsgId: '1669501385' type: PARTNER usage: SHARED vlanAttachments: - awsAccountId: '123456789012' awsConnectionName: dx-connection-1 bandwidth: BPS_1G bgpPeerAsn: 65001 bgpPeerBfdSessionInitMode: ACTIVE bgpPeerMd5AuthEnabled: true createTime: 1758576695376 edgeAvailability: AVAILABILITY_DOMAIN_1 id: aa465af0-d241-4097-8ee6-31b1c29924f7 name: aws-vlan-1 permittedActions: - DELETE_CONNECTION stackType: IPV4_ONLY state: ACTIVE status: ACTIVE tenantCount: 3 updateTime: 1758576695404 requestId: b66e6d42-0af3-4b92-8ef9-1be242ded8f3 '500': description: Server Error operationId: GetMtSp-interconnectInterconnects x-microcks-operation: delay: 0 dispatcher: FALLBACK post: tags: - Interconnect summary: Palo Alto Networks Create New Interconnect description: Provision a top-level Interconnect resource to serve as the logical container for all subsequent virtual connectivity. This resource creates a private bridge between a Service Provider and Prisma Access to bypass public internet routes. Initialize this when onboarding a new region or establishing isolated per-tenant infrastructure for high-compliance environments. Provide the cloud provider, region, and usage model (SHARED or PER_TENANT) along with partner contact details to begin the automated setup process. requestBody: content: application/json: schema: $ref: '#/components/schemas/InterconnectRequest' examples: Create GCP Partner Interconnect: value: name: new-ic region: us-west2 partnerName: acme partnerEmail: acme@abc.com usage: SHARED cloudProvider: GCP type: PARTNER vlanAttachment: name: test bgpPeerAsn: 9493 bgpPeerBfdSessionInitMode: DISABLED stackType: IPV4_ONLY bgpPeerMd5AuthEnabled: false Create AWS Partner Interconnect: value: name: aws-ic region: us-east-1 partnerName: equinix partnerEmail: sp@equinix.com usage: SHARED cloudProvider: AWS type: PARTNER vlanAttachment: name: aws-conn-1 bgpPeerAsn: 65001 bgpPeerBfdSessionInitMode: ACTIVE bgpPeerBfdMinTransmitInterval: 1000 bgpPeerBfdMinReceiveInterval: 1000 bgpPeerBfdMultiplier: 5 Create GCP Dedicated Interconnect: value: name: ded-ic region: us-west2 partnerName: datacenter-ops partnerEmail: ops@datacenter.com usage: SHARED cloudProvider: GCP type: DEDICATED vlanAttachment: name: ded-vlan-1 bgpPeerAsn: 16363 bgpPeerBfdSessionInitMode: ACTIVE bandwidth: BPS_10G bgpPeerMd5AuthEnabled: true dedicatedConnectionDetails: - edgeAvailability: ZONE1 bandwidth: BPS_10G - edgeAvailability: ZONE2 bandwidth: BPS_10G Create Per-Tenant Interconnect: value: name: tenant-ic region: europe-west1 partnerName: tenant-partner partnerEmail: partner@tenant.com usage: PER_TENANT tsgId: '1021202872' cloudProvider: GCP type: PARTNER vlanAttachment: name: tenant-conn bgpPeerAsn: 65100 bgpPeerBfdSessionInitMode: DISABLED Create Interconnect with Custom IP Addresses: value: name: custom-ip-ic region: us-west2 partnerName: service-provider partnerEmail: sp@example.com usage: SHARED cloudProvider: GCP type: PARTNER vlanAttachment: name: custom-vlan bgpPeerAsn: 65001 bgpPeerBfdSessionInitMode: ACTIVE stackType: IPV4_ONLY bgpPeerMd5AuthEnabled: false primaryAttachmentCustomIpAddress: candidateCloudRouterIpAddress: 169.254.1.1/29 candidateCustomerRouterIpAddress: 169.254.1.2/29 redundantAttachmentCustomIpAddress: candidateCloudRouterIpAddress: 169.254.2.1/29 candidateCustomerRouterIpAddress: 169.254.2.2/29 required: true responses: '200': description: Success content: application/json: examples: Add an interconnect: value: data: cloudProvider: GCP id: 1689a56a-9386-40b5-aa9a-0cebad2650d8 name: new-ic partnerEmail: acme@abc.com partnerName: acme permittedActions: [] region: us-west2 regionDisplayName: US Southwest status: INACTIVE tenantActivationCount: 0 tenantType: MT_ROOT tsgId: '1669501385' type: PARTNER usage: SHARED vlanAttachments: - bfdEnabled: false bgpPeerAsn: 9493 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758576695376 edgeAvailability: AVAILABILITY_DOMAIN_1 id: aa465af0-d241-4097-8ee6-31b1c29924f7 name: test-1 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758576695404 - bfdEnabled: false bgpPeerAsn: 9493 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758576695399 edgeAvailability: AVAILABILITY_DOMAIN_2 id: d06a04c9-b6aa-4e40-8722-cfee46fc786c name: test-2 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758576695404 requestId: ae1dcb52-7086-4e18-a5a8-8ef8b991c585 '400': description: Bad Request content: application/json: examples: Add an interconnect with invalid payload: value: error: errorCode: 52046 errorType: VALIDATION_ERROR httpStatus: 400 msg: Connection input region unsupported requestId: 3c84be78-eee9-4751-ba03-91759a6e9321 Invalid interconnect name: value: error: errorCode: 52051 errorType: VALIDATION_ERROR httpStatus: 400 msg: Name must be lowercase letters,numbers or hyphens; max length 13 characters requestId: a1b2c3d4-5e6f-7890-abcd-ef1234567890 BGP ASN 16550 not allowed: value: error: errorCode: 52028 errorType: VALIDATION_ERROR httpStatus: 400 msg: BGP Peer ASN with value 16550 is not allowed requestId: b2c3d4e5-6f78-9012-bcde-f12345678901 Missing VPC association: value: error: errorCode: 52003 errorType: VALIDATION_ERROR httpStatus: 400 msg: Missing VPC association entry for tenant requestId: c3d4e5f6-7890-1234-cdef-012345678901 '409': description: Conflict content: application/json: examples: Interconnect already exists: value: error: errorCode: 52004 errorType: VALIDATION_ERROR httpStatus: 409 msg: Interconnect with same usage/cloud_provider/region already exists requestId: d4e5f678-9012-3456-def0-123456789012 Interconnect name exists: value: error: errorCode: 52049 errorType: VALIDATION_ERROR httpStatus: 409 msg: Interconnect with same name already exists requestId: e5f67890-1234-5678-ef01-234567890123 '500': description: Server Error content: application/json: examples: Add backbone failed due to internal error: value: error: errorCode: 50002 errorType: INTERNAL_ERROR httpStatus: 500 msg: Failed to add Backbone in db requestId: 432568e0-05e2-4baa-8595-ed6bb4f98b64 operationId: PostMtSp-interconnectInterconnects x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/physical-connections: get: tags: - Physical Connection summary: Palo Alto Networks List Physical Connections description: Retrieve technical data regarding the underlying hardware links that support your Interconnects. This visibility allows network engineers to monitor link speeds (10G/100G) and MACsec encryption status at specific colocation sites. Access this information when troubleshooting layer-1 connectivity or performing routine infrastructure health checks. The system returns a list of physical resources, indicating their current operational status and colocation zone. responses: '200': description: Success content: application/json: examples: Get Physical Connections in a backbone: value: data: - address: "Telehouse - Global Data Centers\n65 Rue Léon Frot\n75011 Paris\nFrance" city: Paris coloFacility: cdg-zone1-53 ha: false id: 0c48519e-5738-4719-b2aa-92fcb9e4a96f linkType: LINK_TYPE_ETHERNET_100G_LR macSecEnabled: true permittedActions: - DELETE_CONNECTION physicalConnectionName: abc-1 region: C_EUROPE requestedLinkCount: 1 status: PENDING - address: "Telehouse - Global Data Centers\n65 Rue Léon Frot\n75011 Paris\nFrance" city: Paris coloFacility: cdg-zone2-53 ha: false id: fe3bff54-f4b2-4aac-958f-15c60913c9de linkType: LINK_TYPE_ETHERNET_100G_LR macSecEnabled: true permittedActions: - DELETE_CONNECTION physicalConnectionName: abc-2 region: C_EUROPE requestedLinkCount: 1 status: PENDING requestId: 0578a2a6-99a7-4fe6-969f-28eafecb362a '400': description: Bad Request '500': description: Server Error operationId: GetMtSp-interconnectInterconnectsPhysical-connections x-microcks-operation: delay: 0 dispatcher: FALLBACK post: tags: - Physical Connection summary: Palo Alto Networks Provision Physical Connection description: Initiate a physical link request within an Interconnect at a specific colocation facility. This establishes the core hardware foundation required before virtual circuits can be provisioned. Use this when expanding regional bandwidth capacity or establishing a new physical Point of Presence (PoP). To proceed, define the desired link speed, the link count, and the specific colocation facility IDs intended for deployment. requestBody: content: application/json: schema: $ref: '#/components/schemas/PhysicalConnectionEntry' examples: Create 10G physical connection: value: physicalConnectionName: abc-1 linkType: LINK_TYPE_ETHERNET_10G_LR requestedLinkCount: 1 coloFacilities: - cdg-zone1-53 - cdg-zone2-53 macSecEnabled: false partnerName: datacenter-ops partnerEmail: ops@datacenter.com Create 100G physical connection with MACsec: value: physicalConnectionName: high-speed-conn linkType: LINK_TYPE_ETHERNET_100G_LR requestedLinkCount: 2 coloFacilities: - yvr-zone1-1881 - yvr-zone2-1881 macSecEnabled: true partnerName: enterprise-net partnerEmail: network@enterprise.com required: true responses: '201': description: Success content: application/json: examples: Add physical connection in backbone: value: data: - address: "Telehouse - Global Data Centers\n65 Rue Léon Frot\n75011 Paris\nFrance" city: Paris coloFacility: cdg-zone1-53 ha: false id: 0c48519e-5738-4719-b2aa-92fcb9e4a96f linkType: LINK_TYPE_ETHERNET_100G_LR macSecEnabled: true physicalConnectionName: abc-1 region: C_EUROPE requestedLinkCount: 1 status: PENDING - address: "Telehouse - Global Data Centers\n65 Rue Léon Frot\n75011 Paris\nFrance" city: Paris coloFacility: cdg-zone2-53 ha: false id: fe3bff54-f4b2-4aac-958f-15c60913c9de linkType: LINK_TYPE_ETHERNET_100G_LR macSecEnabled: true physicalConnectionName: abc-2 region: C_EUROPE requestedLinkCount: 1 status: PENDING requestId: a14eb282-9e97-4cf0-b232-a7c9f4b06fc4 '404': description: Not Found content: application/json: examples: Add physical connection, interconnect not found: value: error: errorCode: 50004 errorType: NOT_FOUND httpStatus: 404 msg: Interconnect not found! requestId: d42dba1a-23f1-4818-813b-2da9f35c95bb '400': description: Bad Request content: application/json: examples: Physical connection name exists: value: error: errorCode: 52105 errorType: VALIDATION_ERROR httpStatus: 400 msg: Physical Connection name already exists requestId: a1b2c3d4-5e6f-7890-abcd-ef1234567890 Invalid link count for 10G: value: error: errorCode: 52109 errorType: VALIDATION_ERROR httpStatus: 400 msg: requestedLinkCount for LINK_TYPE_ETHERNET_10G_LR linkType must be 1 or 2 requestId: b2c3d4e5-6f78-9012-bcde-f12345678901 Invalid link count for 100G: value: error: errorCode: 52110 errorType: VALIDATION_ERROR httpStatus: 400 msg: requestedLinkCount for LINK_TYPE_ETHERNET_100G_LR linkType must be from 1-8 requestId: c3d4e5f6-7890-1234-cdef-012345678901 Invalid colo facilities count: value: error: errorCode: 52111 errorType: VALIDATION_ERROR httpStatus: 400 msg: two entries must be provided in coloFacilities for physical connection requestId: d4e5f678-9012-3456-def0-123456789012 '500': description: Server Error content: application/json: examples: Add physical connection failed: value: error: errorCode: 50018 errorType: INTERNAL_ERROR httpStatus: 500 msg: Failed to add connection in db! requestId: d42dba1a-23f1-4818-813b-2da9f35c95bb operationId: PostMtSp-interconnectInterconnectsPhysical-connections x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/physical-connections/{physicalConnectionId}: delete: tags: - Physical Connection summary: Palo Alto Networks Delete Physical Connection description: Decommission a specific physical link from the environment using its unique identifier. Terminating these links helps release hardware resources and end service agreements when specific hardware paths are no longer required. Execute this during hardware refreshes or regional exit strategies. The system immediately marks the connection for deletion and initiates the teardown in the management database and provider portals. parameters: - name: physicalConnectionId in: path required: true schema: type: string example: '439965' responses: '200': description: Success content: application/json: examples: Delete Backbone: value: data: Successfully marked connection for deletion requestId: 7e656271-20f3-4fa4-9c4a-e0f455476fe9 '404': description: Not Found content: application/json: examples: Delete Connection not found: value: error: errorCode: 50007 errorType: NOT_FOUND httpStatus: 404 msg: Connection not found! requestId: cf32af05-7df6-4dd2-b27e-7b6ef2683145 '400': description: Bad Request '500': description: Server Error operationId: DeleteMtSp-interconnectInterconnectsPhysical-connectionsBy_physicalconnectionid x-microcks-operation: delay: 0 dispatcher: FALLBACK get: tags: - Physical Connection summary: Palo Alto Networks Get Physical Connection description: View the detailed technical specification of a single physical link. This displays configuration parameters such as colocation addresses, HA status, and link types. Use this when preparing for on-site maintenance at a data center or verifying link readiness before provisioning virtual circuits. By submitting the physicalConnectionId, you obtain the full state and list of permitted management actions for that specific resource. parameters: - name: physicalConnectionId in: path required: true schema: type: string example: '478801' - name: includeDetails in: query schema: type: boolean example: false responses: '200': description: Success content: application/json: examples: Get Physical Connection by Id: value: data: address: "Telehouse - Global Data Centers\n65 Rue Léon Frot\n75011 Paris\nFrance" city: Paris coloFacility: cdg-zone1-53 ha: false id: 0c48519e-5738-4719-b2aa-92fcb9e4a96f linkType: LINK_TYPE_ETHERNET_100G_LR macSecEnabled: true permittedActions: - DELETE_CONNECTION physicalConnectionName: abc-1 region: C_EUROPE requestedLinkCount: 1 status: PENDING requestId: 82923271-2db3-4895-b1cf-a5faa77d28e3 '404': description: Not Found content: application/json: examples: Get physical connection by Id not found: value: error: errorCode: 50007 errorType: NOT_FOUND httpStatus: 404 msg: Physical Connection not found requestId: 37e45511-7795-41ad-807f-ec38214e8c30 operationId: GetMtSp-interconnectInterconnectsPhysical-connectionsBy_physicalconnectionid x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/summary: get: tags: - Interconnect summary: Palo Alto Networks Summarize All Interconnects description: View a high-level statistical snapshot of the current Interconnect ecosystem. This summary provides active/inactive counts, total IP Address pool usage, and bandwidth distribution across cloud providers. Utilize this for executive summaries or operational dashboards to monitor global health at a glance. Filtering by usage type allows you to isolate metrics for SHARED versus PER_TENANT deployment models. parameters: - name: usage in: query schema: $ref: '#/components/schemas/InterconnectUsage' example: SHARED responses: '200': description: Success content: application/json: examples: Get interconnect summary: value: data: - active: 4 bandwidth: 20Mbps cloudProvider: GCP inactive: 2 ipPoolCount: 1 requestId: b66e6d42-0af3-4b92-8ef9-1be242ded8f3 '400': description: Bad Request '500': description: Server Error operationId: GetMtSp-interconnectInterconnectsSummary x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/{interconnectId}: get: tags: - Interconnect summary: Palo Alto Networks Retrieve Specific Interconnect description: Fetch the full configuration data and current operational state of a single Interconnect container. This reveals regional placement, current status, and the collection of virtual circuits (VlanAttachments) grouped within the Interconnect. Use this when diagnosing regional connectivity issues or retrieving internal IDs for sub-resource management. The response details cloud-specific parameters and optional data regarding tenants currently utilizing the resource. parameters: - name: interconnectId in: path required: true schema: type: string example: '890585' - name: includeTenantsAssociated in: query schema: type: boolean example: false responses: '200': description: Success content: application/json: examples: Get interconnects by id: value: data: cloudProvider: GCP id: 1689a56a-9386-40b5-aa9a-0cebad2650d8 name: new-ic partnerEmail: acme@abc.com partnerName: acme permittedActions: [] region: us-west2 regionDisplayName: US Southwest status: INACTIVE tenantActivationCount: 0 tenantType: MT_ROOT tsgId: '1669501385' type: PARTNER usage: SHARED vlanAttachments: - bfdEnabled: false bgpPeerAsn: 9493 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758576695376 edgeAvailability: AVAILABILITY_DOMAIN_1 id: aa465af0-d241-4097-8ee6-31b1c29924f7 msg: Error getting network from gcp,Not Found name: test-1 permittedActions: [] stackType: IPV4_ONLY state: DELETING status: INACTIVE tenantCount: 0 updateTime: 1758577091897 - bfdEnabled: false bgpPeerAsn: 9493 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758576695399 edgeAvailability: AVAILABILITY_DOMAIN_2 id: d06a04c9-b6aa-4e40-8722-cfee46fc786c msg: Error getting network from gcp,Not Found name: test-2 permittedActions: - DELETE_CONNECTION stackType: IPV4_ONLY state: CREATE_VLAN_ATTACHMENT_FAILED status: INACTIVE tenantCount: 0 updateTime: 1758576779732 requestId: 18b1bf70-8b07-42e2-907d-10365382dc63 '404': description: Not Found content: application/json: examples: Get interconnect by Id, interconnect not found: value: error: errorCode: 52008 errorType: VALIDATION_ERROR httpStatus: 404 msg: Interconnect not found requestId: d1c5b994-3ce5-4011-acff-498a2080535c '400': description: Bad Request '500': description: Server Error operationId: GetMtSp-interconnectInterconnectsBy_interconnectid x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: summary: Palo Alto Networks Delete Interconnect by ID description: Permanently remove an Interconnect and its associated configuration from the environment. This retirees the bridge once all virtual attachments have been deleted and egress traffic has been rerouted. Execute this only when a regional Interconnect is no longer required for egress traffic. Success removes the resource from the database and ends its logical association with the Prisma Access backend. tags: - Interconnect parameters: - name: interconnectId in: path required: true schema: type: string example: '927743' responses: '200': description: Success content: application/json: examples: Delete Interconnect: value: data: Successfully Deleted Backbone requestId: 7e656271-20f3-4fa4-9c4a-e0f455476fe9 '400': description: Bad Request '404': description: Not Found content: application/json: examples: Delete Interconnect not found: value: error: errorCode: 52008 errorType: VALIDATION_ERROR httpStatus: 404 msg: Interconnect not found requestId: d56d092a-7cb2-4b85-bdbe-48c02c036c94 '500': description: Server Error operationId: DeleteMtSp-interconnectInterconnectsBy_interconnectid x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/{interconnectId}/ip-pool: put: tags: - IP Pool summary: Palo Alto Networks Update IP Address Pool description: Update IP Address Pool. parameters: - name: interconnectId in: path required: true schema: type: string example: '716104' requestBody: content: application/json: schema: $ref: '#/components/schemas/IPPoolRequest' examples: Update IP Pool with new CIDRs: value: ipProvider: SP ipBlocks: - edgeLocation: mexico-central cidr: - 21.58.2.0/29 - 21.58.3.0/29 type: SECONDARY Add additional edge location: value: ipProvider: SP ipBlocks: - edgeLocation: us-west-1 cidr: - 12.2.2.0/26 type: SECONDARY - edgeLocation: us-east-1 cidr: - 12.3.3.0/26 type: SECONDARY required: true responses: '200': description: Success content: application/json: examples: Update IP Pool: value: data: id: 7673a661-a98b-4202-b70a-8edc3934a3f5 ipBlocks: - cidr: - 21.58.2.0/29 displayName: Mexico Central edgeLocation: mexico-central ipProvider: SP name: ip-pool-test permittedActions: [] region: us-south1 state: NOT_STARTED status: PENDING tsgId: '1091039496' requestId: 6eb154b3-5ac0-441c-a8e4-a092f5b5b588 '500': description: Internal Error '400': description: Bad Request operationId: PutMtSp-interconnectInterconnectsBy_interconnectidIp-pool x-microcks-operation: delay: 0 dispatcher: FALLBACK get: tags: - IP Pool summary: Palo Alto Networks Get IP Address Address Pool description: View the current IP Address address configuration assigned to an Interconnect, including CIDR ranges and provider status. This provides visibility into the addressing scheme used at the edge for egress routing. Access this to verify that the correct SP-provided or public IP Address ranges are in effect. The data returned includes the IP Address pool ID, its provisioning state, and a list of all active CIDR blocks. parameters: - name: interconnectId in: path required: true schema: type: string example: '698769' responses: '200': description: Success content: application/json: examples: Get IP Pool by id: value: data: cloudProvider: AWS createTime: 1748207866258 id: 64753c22-8234-4d06-8410-2fc7a949a8f5 interconnectId: 424f9837-68b3-11f0-92e9-4201ac16024e ipBlocks: - cidr: - 18.2.1.0/28 displayName: US Northwest edgeLocation: us-west-2 type: SECONDARY ipProvider: SP permittedActions: - ASSIGN_IP_POOL - DELETE_IP_POOL - UPDATE_IP_POOL state: NOT_STARTED status: PENDING updateTime: 1748207866258 requestId: 7d7de6bc-f96b-4cd7-bad4-fb7a5689eba7 '400': description: Bad Request operationId: GetMtSp-interconnectInterconnectsBy_interconnectidIp-pool x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: tags: - IP Pool summary: Palo Alto Networks Delete IP Address Pool description: Remove all IP Address block associations and provider settings from the specified Interconnect. Terminating the pool stops the use of specific CIDRs for routing and returns the container to an unassigned state. Use this when retiring BYOIP ranges or preparing to swap service provider IP Address schemes. Note that deleting an active pool will immediately impact egress traffic relying on those addresses. parameters: - name: interconnectId in: path required: true schema: type: string example: '525495' responses: '200': description: Success content: application/json: examples: Delete IP Pool by id: value: data: IP Pool successfully deleted requestId: e34443d5-dfbd-482b-a76c-5d753034efc0 operationId: DeleteMtSp-interconnectInterconnectsBy_interconnectidIp-pool x-microcks-operation: delay: 0 dispatcher: FALLBACK post: tags: - IP Pool summary: Palo Alto Networks Create New Pool description: Provision and attach a new IP Address address pool to an existing Interconnect. This defines the addressing model (SP-provided or PANW-provided) that Prisma Access traffic will use at the edge. Use this when finalizing the egress setup for a new regional Interconnect container. When using SP-provided pools, you must include at least one valid public CIDR block mapped to a supported edge location. parameters: - name: interconnectId in: path required: true schema: type: string example: '614590' requestBody: content: application/json: schema: $ref: '#/components/schemas/IPPoolRequest' examples: Create SP provided IP Pool: value: ipProvider: SP ipBlocks: - edgeLocation: us-west-1 cidr: - 12.2.2.0/26 type: SECONDARY - edgeLocation: us-west2 cidr: - 12.1.2.0/26 type: PRIMARY Create PANW provided IP Pool: value: ipProvider: PANW Create AWS IP Pool: value: ipProvider: SP ipBlocks: - edgeLocation: us-east-1a cidr: - 18.2.1.0/28 - 18.2.2.0/28 type: SECONDARY required: true responses: '201': description: Success content: application/json: examples: Add an IP Pool: value: data: cloudProvider: GCP createTime: 1758577740021 id: 3dec9dea-c100-495b-9fb2-16b44c1eae3a interconnectId: 1689a56a-9386-40b5-aa9a-0cebad2650d8 ipBlocks: - cidr: - 12.2.2.0/26 displayName: US West edgeLocation: us-west-1 type: SECONDARY - cidr: - 12.1.2.0/26 edgeLocation: us-west2 type: PRIMARY ipProvider: SP permittedActions: [] state: VALIDATING_CIDR_IN_ORCHESTRATOR status: IN_PROGRESS updateTime: 1758577740331 requestId: 8c085ae4-bf26-4de5-86bd-2ba446b65d47 '400': description: Bad Request content: application/json: examples: CIDR already used: value: error: errorCode: 52070 errorType: VALIDATION_ERROR httpStatus: 400 msg: CIDR is already used requestId: a1b2c3d4-5e6f-7890-abcd-ef1234567890 Private IP not allowed: value: error: errorCode: 52068 errorType: VALIDATION_ERROR httpStatus: 400 msg: CIDR in IP Pool is private IP, only public IPs allowed requestId: b2c3d4e5-6f78-9012-bcde-f12345678901 Max CIDRs reached: value: error: errorCode: 52071 errorType: VALIDATION_ERROR httpStatus: 400 msg: Only ten cidr blocks allowed per edge location requestId: c3d4e5f6-7890-1234-cdef-012345678901 IP Pool already exists: value: error: errorCode: 52013 errorType: VALIDATION_ERROR httpStatus: 400 msg: IP Pool already exists in interconnect requestId: d4e5f678-9012-3456-def0-123456789012 Invalid CIDR range for GCP: value: error: errorCode: 52123 errorType: VALIDATION_ERROR httpStatus: 400 msg: GCP CloudProvider IP Block CIDRs must be between /25 to /29 requestId: e5f67890-1234-5678-ef01-234567890123 '500': description: Internal Error operationId: PostMtSp-interconnectInterconnectsBy_interconnectidIp-pool x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/{interconnectId}/vlan-attachments: get: tags: - Vlan Attachment summary: Palo Alto Networks List Vlan Attachments description: Retrieve all virtual circuits configured within a specific Interconnect. This allows administrators to verify the regional distribution of attachments and their current BGP states. Use this when auditing high-availability (HA) domains or verifying pairing key availability. The response lists BGP parameters, edge availability domains, and current provisioning states for each circuit. parameters: - name: interconnectId in: path required: true schema: type: string example: '400911' responses: '200': description: Success content: application/json: examples: Get vlan attachments in an interconnect: value: data: - bfdEnabled: false bgpPeerAsn: 16363 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758575564100 edgeAvailability: AVAILABILITY_DOMAIN_2 id: 0182b459-6ddd-41cc-9f45-60af08e7ec2b name: test-2 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758575564106 - bfdEnabled: false bgpPeerAsn: 16363 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758575564075 edgeAvailability: AVAILABILITY_DOMAIN_1 id: 73d4c1c1-ee4a-4fc3-98f0-45e465c17c5e name: test-1 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758575564082 requestId: 21f951d8-0d34-48cb-ae3e-29fcc5339bea '400': description: Bad Request '500': description: Server Error operationId: GetMtSp-interconnectInterconnectsBy_interconnectidVlan-attachments x-microcks-operation: delay: 0 dispatcher: FALLBACK post: tags: - Vlan Attachment summary: Palo Alto Networks Provision Vlan Attachment description: Create a new virtual circuit, known as a VlanAttachment, within an Interconnect to enable data transfer. This establishes the actual logical path for Prisma Access traffic routing through the Service Provider. Deploy this when initializing new egress paths or adding redundant links for regional reliability. Required parameters include a unique name, BGP Peer ASN, and BFD initialization mode to ensure robust connectivity. parameters: - name: interconnectId in: path required: true schema: type: string example: '122475' requestBody: content: application/json: schema: $ref: '#/components/schemas/VlanAttachmentRequest' examples: Create Partner VLAN attachment: value: name: test bgpPeerAsn: 16550 bgpPeerBfdSessionInitMode: DISABLED stackType: IPV4_ONLY bgpPeerMd5AuthEnabled: false Create VLAN attachment with BFD enabled: value: name: bfd-conn bgpPeerAsn: 65001 bgpPeerBfdSessionInitMode: ACTIVE bgpPeerBfdMinTransmitInterval: 1000 bgpPeerBfdMinReceiveInterval: 1000 bgpPeerBfdMultiplier: 5 stackType: IPV4_ONLY bgpPeerMd5AuthEnabled: true Create VLAN attachment with IPv4/IPv6: value: name: dual-stack bgpPeerAsn: 64512 bgpPeerBfdSessionInitMode: PASSIVE stackType: IPV4_IPV6 bgpPeerMd5AuthEnabled: false Create Dedicated VLAN attachment: value: name: ded-vlan bgpPeerAsn: 16363 bgpPeerBfdSessionInitMode: ACTIVE bandwidth: BPS_10G stackType: IPV4_ONLY bgpPeerMd5AuthEnabled: true dedicatedConnectionDetails: - edgeAvailability: ZONE1 bandwidth: BPS_10G - edgeAvailability: ZONE2 bandwidth: BPS_10G Create VLAN attachment with custom IP addresses: value: name: custom-ip-vlan bgpPeerAsn: 65001 bgpPeerBfdSessionInitMode: ACTIVE stackType: IPV4_ONLY bgpPeerMd5AuthEnabled: false primaryAttachmentCustomIpAddress: candidateCloudRouterIpAddress: 169.254.1.1/29 candidateCustomerRouterIpAddress: 169.254.1.2/29 redundantAttachmentCustomIpAddress: candidateCloudRouterIpAddress: 169.254.2.1/29 candidateCustomerRouterIpAddress: 169.254.2.2/29 required: true responses: '201': description: Success content: application/json: examples: Add vlan attachment in interconnect: value: data: - bfdEnabled: false bgpPeerAsn: 16363 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758575564075 edgeAvailability: AVAILABILITY_DOMAIN_1 id: 73d4c1c1-ee4a-4fc3-98f0-45e465c17c5e name: test-1 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758575564077 - bfdEnabled: false bgpPeerAsn: 16363 bgpPeerBfdSessionInitMode: DISABLED bgpPeerMd5AuthEnabled: false createTime: 1758575564100 edgeAvailability: AVAILABILITY_DOMAIN_2 id: 0182b459-6ddd-41cc-9f45-60af08e7ec2b name: test-2 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758575564101 requestId: 73811958-f1a9-4a3e-b5f1-b9373eeb4000 Add vlan attachment with custom IP addresses: value: data: - bfdEnabled: false bgpPeerAsn: 65001 bgpPeerBfdSessionInitMode: ACTIVE bgpPeerMd5AuthEnabled: false createTime: 1758575564075 edgeAvailability: AVAILABILITY_DOMAIN_1 id: 73d4c1c1-ee4a-4fc3-98f0-45e465c17c5e name: custom-ip-vlan-1 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758575564077 customIpAddress: candidateCloudRouterIpAddress: 169.254.1.1/29 candidateCustomerRouterIpAddress: 169.254.1.2/29 - bfdEnabled: false bgpPeerAsn: 65001 bgpPeerBfdSessionInitMode: ACTIVE bgpPeerMd5AuthEnabled: false createTime: 1758575564100 edgeAvailability: AVAILABILITY_DOMAIN_2 id: 0182b459-6ddd-41cc-9f45-60af08e7ec2b name: custom-ip-vlan-2 permittedActions: [] stackType: IPV4_ONLY state: NOT_STARTED status: INACTIVE tenantCount: 0 updateTime: 1758575564101 customIpAddress: candidateCloudRouterIpAddress: 169.254.2.1/29 candidateCustomerRouterIpAddress: 169.254.2.2/29 requestId: 73811958-f1a9-4a3e-b5f1-b9373eeb4000 '404': description: Not Found content: application/json: examples: Add vlan attachment, interconnect not found: value: error: errorCode: 52008 errorType: VALIDATION_ERROR httpStatus: 404 msg: Interconnect not found requestId: 95203e0e-e0f7-49ef-9b9d-04c9ba42e95b '400': description: Bad Request content: application/json: examples: VLAN attachment name exists: value: error: errorCode: 52011 errorType: VALIDATION_ERROR httpStatus: 400 msg: Connection name already exists requestId: a1b2c3d4-5e6f-7890-abcd-ef1234567890 Max vlan attachments reached: value: error: errorCode: 52018 errorType: VALIDATION_ERROR httpStatus: 400 msg: Reached maximum number of vlan attachments in an interconnect requestId: b2c3d4e5-6f78-9012-bcde-f12345678901 Dedicated connection details missing: value: error: errorCode: 52025 errorType: VALIDATION_ERROR httpStatus: 400 msg: dedicatedVlanAttachmentDetails cannot be null for Connection with type DEDICATED requestId: c3d4e5f6-7890-1234-cdef-012345678901 Bandwidth required for dedicated: value: error: errorCode: 52026 errorType: VALIDATION_ERROR httpStatus: 400 msg: Bandwidth is required input for dedicated VLAN Attachment requestId: d4e5f678-9012-3456-def0-123456789012 Invalid custom IP addresses: value: error: errorCode: 52027 errorType: VALIDATION_ERROR httpStatus: 400 msg: Cloud Router IP and Peer IP must both be set or must both be unset. If set, the prefix lengths must be the same, IP addresses must not be in reserved ranges, and must not be network or broadcast addresses. requestId: e6f78901-2345-6789-0123-456789012345 '500': description: Server Error operationId: PostMtSp-interconnectInterconnectsBy_interconnectidVlan-attachments x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/{interconnectId}/vlan-attachments/{vlanAttachmentId}: get: tags: - Vlan Attachment summary: Palo Alto Networks Get Vlan Attachment description: View the full technical specification of a single virtual circuit by its unique identifier. This displays parameters such as MD5 authentication, BGP session timers, and stack type (IPv4/Dual-Stack). Use this to verify pairing key generation or to inspect the specific edge availability domain assigned for redundancy. The returned data provides the exact state needed for alignment with service provider configurations. parameters: - name: interconnectId in: path required: true schema: type: string example: '352666' - name: vlanAttachmentId in: path required: true schema: type: string example: '197660' responses: '200': description: Success content: application/json: examples: Get vlan attachment by Id: value: data: bandwidth: BPS_50M bgpPeerAsn: 16550 edgeAvailability: ZONE1 id: dee52272-d1e2-4b88-9ebc-a5e70e414d58 name: abc-edge-1 partnerEmail: sp@mail.com partnerName: sp_abc_name region: us-central1 state: CREATED_CONNECTION status: PENDING bgpPeerBfdMinReceiveInterval: 1000 bgpPeerBfdMinTransmitInterval: 1000 bgpPeerBfdMultiplier: 5 bgpPeerMd5AuthEnabled: true requestId: 138de731-25c2-4001-8ea5-d81992c146d7 '400': description: Bad Request '500': description: Server Error operationId: GetMtSp-interconnectInterconnectsBy_interconnectidVlan-attachmentsBy_vlanattachmentid x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: tags: - Vlan Attachment summary: Palo Alto Networks Delete Vlan Attachment description: Permanently remove a specific virtual circuit and its logical configuration from the Interconnect. Terminating these circuits is necessary when network paths are being replaced or retired. Execute this during scheduled maintenance windows or regional re-architecting. Ensure the paired service provider resource is also manually decommissioned to prevent unintended billing. parameters: - name: interconnectId in: path required: true schema: type: string example: '106065' - name: vlanAttachmentId in: path required: true schema: type: string example: '238900' responses: '200': description: Success content: application/json: examples: Delete vlan attachment by Id: value: data: Successfully delete VLAN Attachment requestId: 7e656271-20f3-4fa4-9c4a-e0f455476fe9 '404': description: Not Found content: application/json: examples: Delete vlan attachment, interconnect not found: value: error: errorCode: 52008 errorType: VALIDATION_ERROR httpStatus: 404 msg: Interconnect not found requestId: d56d092a-7cb2-4b85-bdbe-48c02c036c94 '400': description: Bad Request '500': description: Server Error operationId: DeleteMtSp-interconnectInterconnectsBy_interconnectidVlan-attachmentsBy_vlanattachmentid x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/{interconnectId}/vlan-attachments/{vlanAttachmentId}/accept: post: tags: - Vlan Attachment summary: Palo Alto Networks Accept AWS Attachment description: Transition a pending AWS Direct Connect attachment into the accepted state within the management plane. This serves as the final confirmation required by AWS to activate the virtual circuit. Trigger this action when the circuit state reaches PENDING_SP_ACCEPTANCE in the AWS console. Note that this action is exclusive to AWS deployments and cannot be used for GCP or other providers. parameters: - name: interconnectId in: path required: true schema: type: string example: '681643' - name: vlanAttachmentId in: path required: true schema: type: string example: '689952' responses: '200': description: Success content: application/json: examples: Accept AWS vlan attachment: value: data: Successfully accepted VLAN Attachment requestId: 7e656271-20f3-4fa4-9c4a-e0f455476fe9 '400': description: Bad Request content: application/json: examples: Accept non-AWS vlan attachment: value: error: errorCode: 52047 errorType: VALIDATION_ERROR httpStatus: 400 msg: Connections created in AWS can be accepted requestId: 95203e0e-e0f7-49ef-9b9d-04c9ba42e95b Accept vlan attachment not in pending state: value: error: errorCode: 52046 errorType: VALIDATION_ERROR httpStatus: 400 msg: VlanAttachment can be accepted only in PENDING_SP_ACCEPTANCE state requestId: a1b2c3d4-5e6f-7890-abcd-ef1234567890 '404': description: Not Found content: application/json: examples: Interconnect not found: value: error: errorCode: 52008 errorType: VALIDATION_ERROR httpStatus: 404 msg: Interconnect not found requestId: d56d092a-7cb2-4b85-bdbe-48c02c036c94 Vlan attachment not found: value: error: errorCode: 52029 errorType: VALIDATION_ERROR httpStatus: 404 msg: Vlan Attachment not found requestId: cf32af05-7df6-4dd2-b27e-7b6ef2683145 '500': description: Server Error content: application/json: examples: Accept AWS vlan attachment failed: value: error: errorCode: 52048 errorType: INTERNAL_ERROR httpStatus: 500 msg: Failed to accept vlan attachment in aws requestId: d42dba1a-23f1-4818-813b-2da9f35c95bb operationId: PostMtSp-interconnectInterconnectsBy_interconnectidVlan-attachmentsBy_vlanattachmentidAccept x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/interconnects/{interconnectId}/vlan-attachments/{vlanAttachmentId}/logs: get: tags: - Vlan Attachment summary: Palo Alto Networks Get GCP CloudRouter Logs description: Get GCP cloudRouter logs for vlan attachment from startTime to endTime milliseconds. parameters: - name: interconnectId in: path required: true schema: type: string example: '362191' - name: vlanAttachmentId in: path required: true schema: type: string example: '633509' - name: duration in: query description: 'Duration for logs. Allowed values: 15m, 1h, 1d, 3d' schema: type: string default: 1d enum: - 15m - 1h - 1d - 3d example: 1d responses: '200': description: Success content: application/json: examples: Get cloud router logs: value: data: logs: - timestamp: 1758576695399 severity: INFO message: BGP session established with peer 10.0.0.1 - timestamp: 1758576779732 severity: WARNING message: BGP hold timer expired, resetting session requestId: 82923271-2db3-4895-b1cf-a5faa77d28e3 '400': description: Bad Request content: application/json: examples: Invalid duration: value: error: errorCode: 52091 errorType: VALIDATION_ERROR httpStatus: 400 msg: Invalid duration, allowed duration are 15m, 1h, 1d, 3d requestId: 95203e0e-e0f7-49ef-9b9d-04c9ba42e95b Logs not supported for AWS: value: error: errorCode: 52092 errorType: VALIDATION_ERROR httpStatus: 400 msg: CloudRouter logs supported only for GCP connections requestId: a1b2c3d4-5e6f-7890-abcd-ef1234567890 '500': description: Server Error content: application/json: examples: Failed to get logs: value: error: errorCode: 52090 errorType: INTERNAL_ERROR httpStatus: 500 msg: Failed getting cloud router logs from GCP requestId: d42dba1a-23f1-4818-813b-2da9f35c95bb operationId: GetMtSp-interconnectInterconnectsBy_interconnectidVlan-attachmentsBy_vlanattachmentidLogs x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/regions: get: tags: - Interconnect summary: Palo Alto Networks List of Regions and Edge Locations description: Fetch the master list of all geographical regions and edge locations supported by the SP Interconnect service. This assists in network planning by identifying optimal locations for Interconnect placement. Consult this data to determine the closest edge location to your physical infrastructure for low-latency traffic egress. The response is dynamically filtered based on the cloudProvider to ensure regional compatibility. parameters: - name: cloudProvider in: query schema: $ref: '#/components/schemas/CloudProvider' example: GCP responses: '200': description: Success content: application/json: examples: Get IP Pool regions/edge locations: value: data: - edge_locations: - display_name: US Southwest edge_location: us-west-201 - display_name: US West edge_location: us-west-1 compute_region: us-west2 theater: North Americas - edge_locations: - display_name: US Central West edge_location: us-west-3 compute_region: us-west3 theater: North Americas requestId: e459bba9-ca17-4bfa-a55a-f7305a7e8f75 operationId: GetMtSp-interconnectRegions x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/regions/physical-connections: get: tags: - Interconnect summary: Palo Alto Networks List of Physical Connection Regions in GCP description: Retrieve the specific regions and colocation facilities available for physical interconnect deployments on the GCP network. This informs network engineers of the precise locations where high-speed physical links can be provisioned. Use this when developing a dedicated physical connectivity strategy for large-scale multi-tenant environments. The data provides a hierarchy of continents, cities, and specific facility names. responses: '200': description: Success content: application/json: examples: Get regions for Physical Interconencts in GCP: value: data: regions: - cities: - coloFacilities: - address: 'Cologix, Inc. 1050 W Pender Street Vancouver, V6E 3S7 Canada ' city: Vancouver continent: C_NORTH_AMERICA description: Cologix VAN2 status: AVAILABLE zones: - availabilityZone: zone1 facilityProvider: Cologix facilityProviderFacilityId: Cologix id: 1377 name: yvr-zone1-1881 peeringdbFacilityId: '1881' selfLink: https://www.googleapis.com/compute/v1/projects/host-gpcs-dev-01/global/interconnectLocations/yvr-zone1-1881 status: AVAILABLE - availabilityZone: zone2 facilityProvider: Cologix facilityProviderFacilityId: Cologix id: 1378 name: yvr-zone2-1881 peeringdbFacilityId: '1881' selfLink: https://www.googleapis.com/compute/v1/projects/host-gpcs-dev-01/global/interconnectLocations/yvr-zone2-1881 status: AVAILABLE name: Vancouver region: C_NORTH_AMERICA requestId: 709de72e-8004-41c8-9dc5-9d9b852876c4 operationId: GetMtSp-interconnectRegionsPhysical-connections x-microcks-operation: delay: 0 dispatcher: FALLBACK /mt/sp-interconnect/settings: post: tags: - Interconnect summary: Palo Alto Networks Configure Egress Settings description: Apply traffic routing preferences and egress behavior for a specific Tenant Service Group (TSG). This determines whether egress traffic utilizes the private Service Provider (SP) path or the standard Prisma Access (PA) path. Set this during tenant onboarding or when modifying existing regional traffic policies. If SP egress is selected, you must specify the CIDR ranges that should participate in the private routing. requestBody: content: application/json: schema: $ref: '#/components/schemas/SettingsEntry' examples: Set SP egress type with CIDRs: value: egressType: SP cidr: - 2.1.1.1/29 - 3.2.2.2/29 Set PA egress type: value: egressType: PA required: true responses: '200': description: Success content: application/json: examples: Update Egress type and cidr: value: data: cidr: - 2.1.1.1/29 - 3.2.2.2/29 egressType: SP requestId: 996e250d-e1bc-4499-a408-7ccbfdda0368 '400': description: Bad Request content: application/json: examples: Update Egress type and cidr failed on not vpc entry: value: error: errorCode: 52003 errorType: VALIDATION_ERROR httpStatus: 400 msg: Missing VPC association entry for tenant requestId: c33354e9-6fd0-491d-9dac-010240132fed '409': description: Conflict operationId: PostMtSp-interconnectSettings x-microcks-operation: delay: 0 dispatcher: FALLBACK get: summary: Palo Alto Networks Get Egress Settings description: View the current egress and routing configuration for the authenticated tenant context. This verifies whether the tenant is currently utilizing the SP Interconnect or the default public path for their egress traffic. Access this to validate that your network architecture policies have been correctly applied at the management plane. The response provides the egress type and all participating CIDR blocks. tags: - Interconnect responses: '200': description: Success content: application/json: examples: Get Egress type and cidr: value: data: cidr: - 3.2.2.2/29 - 2.1.1.1/29 egressType: SP requestId: d10ee1b0-b8ed-461b-af14-dfad5a782dc5 '400': description: Bad Request content: application/json: examples: Get Egress type and cidr failed on not vpc entry: value: error: errorCode: 52030 errorType: VALIDATION_ERROR httpStatus: 400 msg: Tenant does not have shared vpc assigned requestId: 130cb837-b3d8-43af-b15f-cd60724cab8d '404': description: Not Found operationId: GetMtSp-interconnectSettings x-microcks-operation: delay: 0 dispatcher: FALLBACK servers: - url: https://api.sase.paloaltonetworks.com security: - authKey: [] components: schemas: CloudProvider: type: string enum: - GCP - AWS ConnectionType: type: string enum: - DEDICATED - PARTNER DedicatedVlanAttachmentDetailsEntry: type: object properties: edgeAvailability: type: string example: example-edgeAvailability bandwidth: $ref: '#/components/schemas/Bandwidth' required: - edgeAvailability InterconnectRequest: type: object required: - name - region - partnerName - partnerEmail - usage - cloudProvider - type properties: name: type: string pattern: ^([-0-9a-z]){1,13}$ example: Staging Sensor 44 region: type: string pattern: \\S+ example: us-east-1 partnerName: type: string pattern: ^([a-zA-Z0-9\s\-]){1,30}$ example: Primary Agent 20 partnerEmail: type: string pattern: \\S example: example-partnerEmail usage: $ref: '#/components/schemas/InterconnectUsage' tsgId: type: string pattern: ^[0-9-]+$ example: '960838' cloudProvider: $ref: '#/components/schemas/CloudProvider' type: $ref: '#/components/schemas/ConnectionType' ipPool: $ref: '#/components/schemas/IPPoolRequest' physicalConnection: $ref: '#/components/schemas/PhysicalConnectionEntry' vlanAttachment: $ref: '#/components/schemas/VlanAttachmentRequest' InterconnectUsage: type: string enum: - SHARED - PER_TENANT IPPoolRequest: type: object required: - ipProvider properties: ipBlocks: type: array uniqueItems: true items: $ref: '#/components/schemas/IPBlockEntry' example: - edgeLocation: example-edgeLocation cidr: - example-cidr_item type: SECONDARY - edgeLocation: example-edgeLocation cidr: - example-cidr_item - example-cidr_item type: PRIMARY ipProvider: $ref: '#/components/schemas/IPProvider' IPBlockEntry: type: object required: - cidr properties: edgeLocation: type: string example: example-edgeLocation cidr: type: array minItems: 1 uniqueItems: true items: type: string example: - example-cidr_item - example-cidr_item type: $ref: '#/components/schemas/IPBlockType' IPBlockType: type: string enum: - PRIMARY - SECONDARY IPProvider: type: string enum: - SP - PANW PhysicalConnectionEntry: type: object required: - physicalConnectionName - linkType - coloFacilities - partnerName - partnerEmail properties: physicalConnectionName: type: string pattern: \\S example: Production Gateway 56 linkType: $ref: '#/components/schemas/PhysicalInterconnectLinkType' requestedLinkCount: type: integer format: int32 example: 299 coloFacilities: type: array minItems: 1 items: type: string example: - example-coloFacilities_item macSecEnabled: type: boolean example: true partnerName: type: string pattern: \\S example: Production Gateway 51 partnerEmail: type: string pattern: \\S example: example-partnerEmail PhysicalInterconnectLinkType: type: string enum: - LINK_TYPE_ETHERNET_10G_LR - LINK_TYPE_ETHERNET_100G_LR VlanAttachmentRequest: type: object required: - name - bgpPeerAsn - bgpPeerBfdSessionInitMode properties: name: type: string pattern: ^([-0-9a-z]){1,13}$ example: Production Agent 71 stackType: $ref: '#/components/schemas/StackType' bandwidth: $ref: '#/components/schemas/Bandwidth' bgpPeerAsn: type: integer format: int64 minimum: 1 example: 63 bgpPeerBfdSessionInitMode: $ref: '#/components/schemas/SessionInitializationMode' bgpPeerBfdMinTransmitInterval: type: integer format: int64 maximum: 30000 minimum: 1000 example: 10043 bgpPeerBfdMinReceiveInterval: type: integer format: int64 maximum: 30000 minimum: 1000 example: 12651 bgpPeerBfdMultiplier: type: integer format: int64 maximum: 16 minimum: 5 example: 5 dedicatedConnectionDetails: type: array items: $ref: '#/components/schemas/DedicatedVlanAttachmentDetailsEntry' example: - edgeAvailability: example-edgeAvailability bandwidth: BPS_300M - edgeAvailability: example-edgeAvailability bandwidth: BPS_50M primaryAttachmentCustomIpAddress: $ref: '#/components/schemas/VlanAttachmentCustomIpAddress' redundantAttachmentCustomIpAddress: $ref: '#/components/schemas/VlanAttachmentCustomIpAddress' bgpPeerMd5AuthEnabled: type: boolean example: true StackType: type: string enum: - IPV4_ONLY - IPV4_IPV6 Bandwidth: type: string enum: - BPS_50M - BPS_100M - BPS_200M - BPS_300M - BPS_400M - BPS_500M - BPS_1G - BPS_2G - BPS_5G - BPS_10G SessionInitializationMode: type: string enum: - ACTIVE - PASSIVE - DISABLED SettingsEntry: type: object required: - egressType properties: egressType: type: string pattern: SP|PA example: advanced cidr: type: array uniqueItems: true items: type: string pattern: ^((25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})(\.(25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})){3})\/(3[0-2]|[1-2][0-9]|[0-9])$ example: - example-cidr_item - example-cidr_item VlanAttachmentCustomIpAddress: type: object description: Custom IP address configuration for VLAN attachment BGP peering. Both Cloud Router and Customer Router IP addresses must be provided together with matching prefix lengths (/29 or /30). IP addresses must not be in reserved ranges (RFC1918 private IPs, loopback, etc.) and must not be network or broadcast addresses. properties: candidateCloudRouterIpAddress: type: string description: Cloud Router IP address in CIDR notation (e.g., 169.254.1.1/29). Must have prefix length /29 or /30 and match the prefix length of candidateCustomerRouterIpAddress. pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))/(29|30)$ example: 10.163.80.221 candidateCustomerRouterIpAddress: type: string description: Customer Router IP address in CIDR notation (e.g., 169.254.1.2/29). Must have prefix length /29 or /30 and match the prefix length of candidateCloudRouterIpAddress. pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))/(29|30)$ example: 10.34.238.244 securitySchemes: authKey: type: http scheme: Bearer ExternalTags: {}