Skip to content

Types of Resources

An overview of all available resources of a Layer7 gateway. Also how these are handled by the Gateway Manager with default settings and with which interface they are imported.

Resources

Resources handled by Gateway Manager
Restman Type Graphman Type Description Default Action Automatic Mapping Imported by
ACTIVE_CONNECTOR Active connectors are connectors that poll for messages. For example MQ Native Queues and SFTP Polling Listeners are examples of Active Connectors. NewOrExisting Default Restman and Graphman
ASSERTION_SECURITY_ZONE Assertion Security Zones entities are used to apply security zones to assertions. By default, assertions do not have a security zone assigned to them. NewOrExisting Default Restman
CASSANDRA_CONNECTION Cassandra connections allow the Gateway to query external databases and then use the query results during policy consumption. Cassandra Connection NewOrExisting Default Restman and Graphman
CLUSTER_PROPERTY Cluster properties are used to set global properties. Example cluster properties include "cluster.hostname" and "log.levels" NewOrExisting Default Restman and Graphman
CUSTOM_KEY_VALUE A Custom key value is an item that can be stored by a custom assertion. NewOrExisting Default Restman and Graphman
EMAIL_LISTENER An email listener will periodically poll an email server for messages to process. NewOrExisting Default Restman and Graphman
ENCAPSULATED_ASSERTION Encapsulated Assertion lets you turn any policy fragment into a self-contained "assertion" that accepts input values and sets output values. NewOrExisting Default Restman and Graphman
FIREWALL_RULE A firewall rule is a rule to accept or redirect traffic. This is only available on hardware installations. NewOrExisting Default Restman
FOLDER Folders are used to organize the policies, services, and aliases you have on the Gateway. NewOrExisting Default Restman
GENERIC_ENTITY A generic entities is used by some modular assertions to represent any entity. NewOrExisting Default Restman
GROUP A group represents a group identity in an identity provider. When no identity provider is specified in the url then the internal identity provider is assumed. Groups can only be retrieved, they can not be created. NewOrExisting Default Restman
HTTP_CONFIGURATION HTTP Configuration are used to configure various options to be used by the Gateway for HTTP/HTTPS connections. For example, you can configure the login credentials for an HTTPS host, define a proxy for the host, or specify a private key to be used for authentication. NewOrExisting Default Restman
IDENTITY_PROVIDER An Identity provider is used to store and provide identities. NewOrExisting Default Restman
INTERNAL_IDENTITY_PROVIDER Graphman distinguishes between the individual types of identity providers and has its own endpoints for these. NewOrExisting Default Restman and Graphman
LDAP_IDENTITY_PROVIDER NewOrExisting Default Restman and Graphman
FEDERATED_IDENTITY_PROVIDER NewOrExisting Default Restman and Graphman
INTERFACE_TAG Interfaces are used to specify IP addresses that can be monitored by a listen port. Defining an interface gives you greater control over the IP addresses that will be monitored. NewOrExisting Default Restman
JDBC_CONNECTION JDBC connections allow the Gateway to query external databases and then use the query results during policy consumption. NewOrExisting Default Restman and Graphman
JMS_DESTINATION A JMS destination is used to configure a connection to a JMS service. This is used for both inbound and outbound configurations. NewOrExisting Default Restman and Graphman
LISTEN_PORT A listen port is a TCP port that "listens" for incoming messages that are then passed to the Gateway message processor. NewOrExisting Default Restman and Graphman
POLICY This resource is used to manage policies. These can be internal, global or other special purpose policies. NewOrUpdate Default Restman
BACKGROUND_TASK_POLICY Graphman distinguishes between the individual types of policies and has its own endpoints for these. NewOrUpdate Default Restman and Graphman
GLOBAL_POLICY NewOrUpdate Default Restman and Graphman
POLICY_FRAGMENT NewOrUpdate Default Restman and Graphman
POLICY_BACKED_SERVICE Policy Backed Services allow for custom policies to be referred to from gateway processes. NewOrExisting Default Restman
PRIVATE_KEY This resource is used to manage private keys. NewOrExisting Default Restman and Graphman
RESOURCE_DOCUMENT Resource documents are documents schema documents. They are either a dtd or an xml schema. NewOrExisting Default Restman
REVOCATION_CHECK_POLICY A revocation checking policy defines the strategies used by the Gateway to determine whether a certificate has been revoked. NewOrExisting Default Restman
ROLE A role defines a set of permissions that a user or group is allowed to perform. A user must be assigned to at least one of these roles in order to connect to the Gateway and perform administrative tasks in the Policy Manager or through the API. NewOrExisting Default Restman
SCHEDULED_TASK Scheduled tasks allow the Gateway to schedule policy consumption. NewOrExisting Default Restman and Graphman
PASSWORD Secure passwords are used to securely store passwords and plain text PEM private keys in the Gateway database. NewOrExisting Default Restman and Graphman
SECURITY_ZONE Security zones are used to partition the Gateway into portions that can then be managed by other users. A security zone is a collection of related entities (for example: services, policies, folders, trusted certificates). NewOrExisting Default Restman
SERVER_MODULE_FILE A ServerModuleFile represents a Modular or a Custom Assertion(s) Module. NewOrExisting ModuleSha256 Restman
SERVICE This resource is used to manage services. NewOrUpdate Default Restman
INTERNAL_SOAP_SERVICE Graphman distinguishes between the individual types of services and has its own endpoints for these. NewOrUpdate Default Restman and Graphman
INTERNAL_WEBAPI_SERVICE NewOrUpdate Default Restman and Graphman
WEBAPI_SERVICE NewOrUpdate Default Restman and Graphman
SOAP_SERVICE NewOrUpdate Default Restman and Graphman
SITEMINDER_CONFIGURATION A SiteMinder Configuration describes a connection to site minder. NewOrExisting Default Restman and Graphman
SOLUTION_KIT This resource is used to list Solution Kits installed on the Gateway. NewOrExisting Default Restman
TRUSTED_CERTIFICATE Certificates are either HTTPS and LDAPS certificates.This resource enables the management of those certificates. NewOrExisting Fingerprint Restman and Graphman
USER A user represents a user identity in an identity provider. When no identity provider is specified in the url then the internal identity provider is assumed. Users can only be created and updated in the internal identity provider. NewOrExisting Default Restman

Restman Type

The type of the resource in Restman

Graphman Type

Most of the resources are identical from Restman to Graphman, but a few differ.

Description

A short description of what this resource does.

Default Action

The current standard action when migrating this type of resource.

These defaults can be changed here: Default Mappings

The possible actions are:

New, Update, Existing, Force New, Delete, Ignore, New or Update, New or Existing, Delete or ignore.

Automatic Mapping

The automatic migration mapping of resources behaves differently to the default for some resources. This is described here. By default, the system first searches for the ID of the resource; if this is not found, it searches for an element with the same type, name and path up to the root folder.

Imported by

We always prefer Graphman when available, as Graphman is significantly faster. However, Restman always acts as a fallback if a resource cannot be imported with Graphman.