core.oracle.com/v1beta1 &para;

DrgDefaultDrgRouteTables defines nested fields for Drg.DefaultDrgRouteTables.

Field	Description	Type	Required	Default	Enum
`ipsecTunnel`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the default DRG route table assigned to DRG attachments of type IPSEC_TUNNEL on creation.	`string`	No	-	-
`remotePeeringConnection`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the default DRG route table to be assigned to DRG attachments of type REMOTE_PEERING_CONNECTION on creation.	`string`	No	-	-
`vcn`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the default DRG route table to be assigned to DRG attachments of type VCN on creation.	`string`	No	-	-
`virtualCircuit`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the default DRG route table to be assigned to DRG attachments of type VIRTUAL_CIRCUIT on creation.	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

Instance¶

Instance is the Schema for the instances API.

Plural: instances
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_instance.yaml)
Packages: Core Compute (Not yet released)

Spec¶

InstanceSpec defines the desired state of Instance.

Field	Description	Type	Required	Default	Enum
`agentConfig`	InstanceAgentConfig defines nested fields for Instance.AgentConfig.	`object`	No	-	-
`availabilityConfig`	InstanceAvailabilityConfig defines nested fields for Instance.AvailabilityConfig.	`object`	No	-	-
`availabilityDomain`	The availability domain of the instance. Example: `Uocm:PHX-AD-1`	`string`	Yes	-	-
`capacityReservationId`	The OCID of the compute capacity reservation this instance is launched under. You can remove the instance from a reservation by specifying an empty string as input for this field. For more information, see Capacity Reservations (https://docs.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).	`string`	No	-	-
`clusterPlacementGroupId`	The OCID of the cluster placement group of the instance.	`string`	No	-	-
`compartmentId`	The OCID of the compartment.	`string`	Yes	-	-
`computeClusterId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compute cluster (https://docs.oracle.com/iaas/Content/Compute/Tasks/compute-clusters.htm) that the instance will be created in.	`string`	No	-	-
`createVnicDetails`	InstanceCreateVnicDetails defines nested fields for Instance.CreateVnicDetails.	`object`	No	-	-
`dedicatedVmHostId`	The OCID of the dedicated virtual machine host to place the instance on. Supported only if this VM instance was already placed on a dedicated virtual machine host - that is, you can't move an instance from on-demand capacity to dedicated capacity, nor can you move an instance from dedicated capacity to on-demand capacity.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`extendedMetadata`	Additional metadata key/value pairs that you provide. They serve the same purpose and functionality as fields in the `metadata` object. They are distinguished from `metadata` fields in that these can be nested JSON objects (whereas `metadata` fields are string/string maps only). The "user_data" field and the "ssh_authorized_keys" field cannot be changed after an instance has launched. Any request that updates, removes, or adds either of these fields will be rejected. You must provide the same values for "user_data" and "ssh_authorized_keys" that already exist on the instance. The combined size of the `metadata` and `extendedMetadata` objects can be a maximum of 32,000 bytes.	`map[string, object (preserves unknown fields)]`	No	-	-
`faultDomain`	A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain contains three fault domains. Fault domains let you distribute your instances so that they are not on the same physical hardware within a single availability domain. A hardware failure or Compute hardware maintenance that affects one fault domain does not affect instances in other fault domains. To get a list of fault domains, use the ListFaultDomains operation in the Identity and Access Management Service API. Example: `FAULT-DOMAIN-1`	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`hostnameLabel`	Deprecated. Instead use `hostnameLabel` in CreateVnicDetails. If you provide both, the values must match.	`string`	No	-	-
`imageId`	Deprecated. Use `sourceDetails` with InstanceSourceViaImageDetails source type instead. If you specify values for both, the values must match.	`string`	No	-	-
`instanceConfigurationId`	The OCID of the Instance Configuration containing instance launch details. Any other fields supplied in this instance launch request will override the details stored in the Instance Configuration for this instance launch.	`string`	No	-	-
`instanceOptions`	InstanceOptions defines nested fields for Instance.InstanceOptions.	`object`	No	-	-
`ipxeScript`	This is an advanced option. When a bare metal or virtual machine instance boots, the iPXE firmware that runs on the instance is configured to run an iPXE script to continue the boot process. If you want more control over the boot process, you can provide your own custom iPXE script that will run when the instance boots. Be aware that the same iPXE script will run every time an instance boots, not only after the initial LaunchInstance call. The default iPXE script connects to the instance's local boot volume over iSCSI and performs a network boot. If you use a custom iPXE script and want to network-boot from the instance's local boot volume over iSCSI the same way as the default iPXE script, use the following iSCSI IP address: 169.254.0.2, and boot volume IQN: iqn.2015-02.oracle.boot. If your instance boot volume attachment type is paravirtualized, the boot volume is attached to the instance through virtio-scsi and no iPXE script is used. If your instance boot volume attachment type is paravirtualized and you use custom iPXE to network boot into your instance, the primary boot volume is attached as a data volume through virtio-scsi drive. For more information about the Bring Your Own Image feature of Oracle Cloud Infrastructure, see Bring Your Own Image (https://docs.oracle.com/iaas/Content/Compute/References/bringyourownimage.htm). For more information about iPXE, see http://ipxe.org.	`string`	No	-	-
`isAIEnterpriseEnabled`	Whether to enable AI enterprise on the instance.	`boolean`	No	-	-
`isPvEncryptionInTransitEnabled`	Whether to enable in-transit encryption for the data volume's paravirtualized attachment. This field applies to both block volumes and boot volumes. The default value is false.	`boolean`	No	-	-
`launchOptions`	InstanceLaunchOptions defines nested fields for Instance.LaunchOptions.	`object`	No	-	-
`launchVolumeAttachments`	Volume attachments to create as part of the launch instance operation.	`list[object]`	No	-	-
`licensingConfigs`	The list of liscensing configurations with target update values.	`list[object]`	No	-	-
`metadata`	Custom metadata key/value string pairs that you provide. Any set of key/value pairs provided here will completely replace the current set of key/value pairs in the `metadata` field on the instance. The "user_data" field and the "ssh_authorized_keys" field cannot be changed after an instance has launched. Any request that updates, removes, or adds either of these fields will be rejected. You must provide the same values for "user_data" and "ssh_authorized_keys" that already exist on the instance. The combined size of the `metadata` and `extendedMetadata` objects can be a maximum of 32,000 bytes.	`map[string, string]`	No	-	-
`placementConstraintDetails`	InstancePlacementConstraintDetails defines nested fields for Instance.PlacementConstraintDetails.	`object`	No	-	-
`platformConfig`	InstancePlatformConfig defines nested fields for Instance.PlatformConfig.	`object`	No	-	-
`preemptibleInstanceConfig`	InstancePreemptibleInstanceConfig defines nested fields for Instance.PreemptibleInstanceConfig.	`object`	No	-	-
`securityAttributes`	Security attributes (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/zpr-artifacts.htm#security-attributes) are labels for a resource that can be referenced in a Zero Trust Packet Routing (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/overview.htm) (ZPR) policy to control access to ZPR-supported resources. Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}`	`map[string, map[string, string]]`	No	-	-
`shape`	The shape of the instance. The shape determines the number of CPUs and the amount of memory allocated to the instance. For more information about how to change shapes, and a list of shapes that are supported, see Editing an Instance (https://docs.oracle.com/iaas/Content/Compute/Tasks/resizinginstances.htm). For details about the CPUs, memory, and other properties of each shape, see Compute Shapes (https://docs.oracle.com/iaas/Content/Compute/References/computeshapes.htm). The new shape must be compatible with the image that was used to launch the instance. You can enumerate all available shapes and determine image compatibility by calling ListShapes. To determine whether capacity is available for a specific shape before you change the shape of an instance, use the CreateComputeCapacityReport operation. If the instance is running when you change the shape, the instance is rebooted. Example: `VM.Standard2.1`	`string`	No	-	-
`shapeConfig`	InstanceShapeConfig defines nested fields for Instance.ShapeConfig.	`object`	No	-	-
`sourceDetails`	InstanceSourceDetails defines nested fields for Instance.SourceDetails.	`object`	No	-	-
`subnetId`	Deprecated. Instead use `subnetId` in CreateVnicDetails. At least one of them is required; if you provide both, the values must match.	`string`	No	-	-
`timeMaintenanceRebootDue`	For a VM instance, resets the scheduled time that the instance will be reboot migrated for infrastructure maintenance, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). If the instance hasn't been rebooted after this date, Oracle reboots the instance within 24 hours of the time and date that maintenance is due. To get the maximum possible date that a maintenance reboot can be extended, use GetInstanceMaintenanceReboot. Regardless of how the instance is stopped, this flag is reset to empty as soon as the instance reaches the Stopped state. To reboot migrate a bare metal instance, use the InstanceAction operation. For more information, see Infrastructure Maintenance (https://docs.oracle.com/iaas/Content/Compute/References/infrastructure-maintenance.htm). Example: `2018-05-25T21:10:29.600Z`	`string`	No	-	-
`updateOperationConstraint`	The parameter acts as a fail-safe to prevent unwanted downtime when updating a running instance. The default is ALLOW_DOWNTIME. * `ALLOW_DOWNTIME` - Compute might reboot the instance while updating the instance if a reboot is required. * `AVOID_DOWNTIME` - If the instance is in running state, Compute tries to update the instance without rebooting it. If the instance requires a reboot to be updated, an error is returned and the instance is not updated. If the instance is stopped, it is updated and remains in the stopped state.	`string`	No	-	-

Spec.agentConfig¶

InstanceAgentConfig defines nested fields for Instance.AgentConfig.

Field	Description	Type	Required	Default	Enum
`areAllPluginsDisabled`	Whether Oracle Cloud Agent can run all the available plugins. This includes the management and monitoring plugins. To get a list of available plugins, use the ListInstanceagentAvailablePlugins operation in the Oracle Cloud Agent API. For more information about the available plugins, see Managing Plugins with Oracle Cloud Agent (https://docs.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).	`boolean`	No	-	-
`isManagementDisabled`	Whether Oracle Cloud Agent can run all the available management plugins. These are the management plugins: OS Management Service Agent and Compute Instance Run Command. The management plugins are controlled by this parameter and by the per-plugin configuration in the `pluginsConfig` object. - If `isManagementDisabled` is true, all of the management plugins are disabled, regardless of the per-plugin configuration. - If `isManagementDisabled` is false, all of the management plugins are enabled. You can optionally disable individual management plugins by providing a value in the `pluginsConfig` object.	`boolean`	No	-	-
`isMonitoringDisabled`	Whether Oracle Cloud Agent can gather performance metrics and monitor the instance using the monitoring plugins. These are the monitoring plugins: Compute Instance Monitoring and Custom Logs Monitoring. The monitoring plugins are controlled by this parameter and by the per-plugin configuration in the `pluginsConfig` object. - If `isMonitoringDisabled` is true, all of the monitoring plugins are disabled, regardless of the per-plugin configuration. - If `isMonitoringDisabled` is false, all of the monitoring plugins are enabled. You can optionally disable individual monitoring plugins by providing a value in the `pluginsConfig` object.	`boolean`	No	-	-
`pluginsConfig`	The configuration of plugins associated with this instance.	`list[object]`	No	-	-

Spec.agentConfig.pluginsConfig[]¶

InstanceAgentConfigPluginsConfig defines nested fields for Instance.AgentConfig.PluginsConfig.

Field	Description	Type	Required	Default	Enum
`desiredState`	Whether the plugin should be enabled or disabled. To enable the monitoring and management plugins, the `isMonitoringDisabled` and `isManagementDisabled` attributes must also be set to false.	`string`	Yes	-	-
`name`	The plugin name. To get a list of available plugins, use the ListInstanceagentAvailablePlugins operation in the Oracle Cloud Agent API. For more information about the available plugins, see Managing Plugins with Oracle Cloud Agent (https://docs.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).	`string`	Yes	-	-

Spec.availabilityConfig¶

InstanceAvailabilityConfig defines nested fields for Instance.AvailabilityConfig.

Field	Description	Type	Required	Default	Enum
`isLiveMigrationPreferred`	Whether to live migrate supported VM instances to a healthy physical VM host without disrupting running instances during infrastructure maintenance events. If null, Oracle chooses the best option for migrating the VM during infrastructure maintenance events.	`boolean`	No	-	-
`recoveryAction`	The lifecycle state for an instance when it is recovered after infrastructure maintenance. * `RESTORE_INSTANCE` - The instance is restored to the lifecycle state it was in before the maintenance event. If the instance was running, it is automatically rebooted. This is the default action when a value is not set. * `STOP_INSTANCE` - The instance is recovered in the stopped state.	`string`	No	-	-

Spec.createVnicDetails¶

InstanceCreateVnicDetails defines nested fields for Instance.CreateVnicDetails.

Field	Description	Type	Required	Default	Enum
`assignIpv6Ip`	Whether to allocate an IPv6 address at instance and VNIC creation from an IPv6 enabled subnet. Default: False. When provided you may optionally provide an IPv6 prefix (`ipv6SubnetCidr`) of your choice to assign the IPv6 address from. If `ipv6SubnetCidr` is not provided then an IPv6 prefix is chosen for you.	`boolean`	No	-	-
`assignPrivateDnsRecord`	Whether the VNIC should be assigned a DNS record. If set to false, there will be no DNS record registration for the VNIC. If set to true, the DNS record will be registered. The default value is true. If you specify a `hostnameLabel`, then `assignPrivateDnsRecord` must be set to true.	`boolean`	No	-	-
`assignPublicIp`	Whether the VNIC should be assigned a public IP address. Defaults to whether the subnet is public or private. If not set and the VNIC is being created in a private subnet (that is, where `prohibitPublicIpOnVnic` = true in the Subnet), then no public IP address is assigned. If not set and the subnet is public (`prohibitPublicIpOnVnic` = false), then a public IP address is assigned. If set to true and `prohibitPublicIpOnVnic` = true, an error is returned. Note: This public IP address is associated with the primary private IP on the VNIC. For more information, see IP Addresses (https://docs.oracle.com/iaas/Content/Network/Tasks/managingIPaddresses.htm). Note: There's a limit to the number of PublicIp a VNIC or instance can have. If you try to create a secondary VNIC with an assigned public IP for an instance that has already reached its public IP limit, an error is returned. For information about the public IP limits, see Public IP Addresses (https://docs.oracle.com/iaas/Content/Network/Tasks/managingpublicIPs.htm). Example: `false` If you specify a `vlanId`, then `assignPublicIp` must be set to false. See Vlan.	`boolean`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`hostnameLabel`	The hostname for the VNIC's primary private IP. Used for DNS. The value is the hostname portion of the primary private IP's fully qualified domain name (FQDN) (for example, `bminstance1` in FQDN `bminstance1.subnet123.vcn1.oraclevcn.com`). Must be unique across all VNICs in the subnet and comply with RFC 952 (https://tools.ietf.org/html/rfc952) and RFC 1123 (https://tools.ietf.org/html/rfc1123). The value appears in the Vnic object and also the PrivateIp object returned by ListPrivateIps and GetPrivateIp. For more information, see DNS in Your Virtual Cloud Network (https://docs.oracle.com/iaas/Content/Network/Concepts/dns.htm). When launching an instance, use this `hostnameLabel` instead of the deprecated `hostnameLabel` in LaunchInstanceDetails. If you provide both, the values must match. Example: `bminstance1` If you specify a `vlanId`, the `hostnameLabel` cannot be specified. VNICs on a VLAN can not be assigned a hostname. See Vlan.	`string`	No	-	-
`ipv6AddressIpv6SubnetCidrPairDetails`	A list of IPv6 prefix ranges from which the VNIC is assigned an IPv6 address. You can provide only the prefix ranges from which OCI selects an available address from the range. You can optionally choose to leave the prefix range empty and instead provide the specific IPv6 address within that range to use.	`list[object]`	No	-	-
`nsgIds`	A list of the OCIDs of the network security groups (NSGs) to add the VNIC to. For more information about NSGs, see NetworkSecurityGroup. If a `vlanId` is specified, the `nsgIds` cannot be specified. The `vlanId` indicates that the VNIC will belong to a VLAN instead of a subnet. With VLANs, all VNICs in the VLAN belong to the NSGs that are associated with the VLAN. See Vlan.	`list[string]`	No	-	-
`privateIp`	A private IP address of your choice to assign to the VNIC. Must be an available IP address within the subnet's CIDR. If you don't specify a value, Oracle automatically assigns a private IP address from the subnet. This is the VNIC's primary private IP address. The value appears in the Vnic object and also the PrivateIp object returned by ListPrivateIps and GetPrivateIp. If you specify a `vlanId`, the `privateIp` cannot be specified. See Vlan. If you specify a 'privateIpId', the 'privateIp' cannot be specified. Example: `10.0.3.3`	`string`	No	-	-
`privateIpId`	An OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) that specifies a previously-reserved IP address to use for this VNIC.	`string`	No	-	-
`securityAttributes`	Security attributes (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/zpr-artifacts.htm#security-attributes) are labels for a resource that can be referenced in a Zero Trust Packet Routing (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/overview.htm) (ZPR) policy to control access to ZPR-supported resources. Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}`	`map[string, map[string, string]]`	No	-	-
`skipSourceDestCheck`	Whether the source/destination check is disabled on the VNIC. Defaults to `false`, which means the check is performed. For information about why you would skip the source/destination check, see Using a Private IP as a Route Target (https://docs.oracle.com/iaas/Content/Network/Tasks/managingroutetables.htm#privateip). If you specify a `vlanId`, the `skipSourceDestCheck` cannot be specified because the source/destination check is always disabled for VNICs in a VLAN. See Vlan. Example: `true`	`boolean`	No	-	-
`subnetCidr`	One of the IPv4 CIDR blocks allocated to the subnet. Represents the IP range from which the VNIC's private IP address will be assigned if `privateIp` or `privateIpId` is not specified. Either this field or the `privateIp` (or `privateIpId`, if applicable) field must be provided, but not both simultaneously. Example: `192.168.1.0/28`	`string`	No	-	-
`subnetId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet to create the VNIC in. When launching an instance, use this `subnetId` instead of the deprecated `subnetId` in LaunchInstanceDetails. At least one of them is required; if you provide both, the values must match. If you are an Oracle Cloud VMware Solution customer and creating a secondary VNIC in a VLAN instead of a subnet, provide a `vlanId` instead of a `subnetId`. If you provide both a `vlanId` and `subnetId`, the request fails.	`string`	No	-	-
`vlanId`	Provide this attribute only if you are an Oracle Cloud VMware Solution customer and creating a secondary VNIC in a VLAN. The value is the OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VLAN. See Vlan. Provide a `vlanId` instead of a `subnetId`. If you provide both a `vlanId` and `subnetId`, the request fails.	`string`	No	-	-

Spec.createVnicDetails.ipv6AddressIpv6SubnetCidrPairDetails[]¶

InstanceCreateVnicDetailsIpv6AddressIpv6SubnetCidrPairDetail defines nested fields for Instance.CreateVnicDetails.Ipv6AddressIpv6SubnetCidrPairDetail.

Field	Description	Type	Required	Default	Enum
`ipv6Address`	An IPv6 address of your choice. Must be an available IPv6 address within the subnet's prefix. If an IPv6 address is not provided: - Oracle will automatically assign an IPv6 address from the subnet's IPv6 prefix if and only if there is only one IPv6 prefix on the subnet. - Oracle will automatically assign an IPv6 address from the subnet's IPv6 Oracle GUA prefix if it exists on the subnet.	`string`	No	-	-
`ipv6Id`	An OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) that specifies a previously-reserved ipv6 to use.	`string`	No	-	-
`ipv6SubnetCidr`	The IPv6 prefix allocated to the subnet.	`string`	No	-	-

Spec.instanceOptions¶

InstanceOptions defines nested fields for Instance.InstanceOptions.

Field	Description	Type	Required	Default	Enum
`areLegacyImdsEndpointsDisabled`	Whether to disable the legacy (/v1) instance metadata service endpoints. Customers who have migrated to /v2 should set this to true for added security. Default is false.	`boolean`	No	-	-

Spec.launchOptions¶

InstanceLaunchOptions defines nested fields for Instance.LaunchOptions.

Field	Description	Type	Required	Default	Enum
`bootVolumeType`	Emulation type for the boot volume. * `ISCSI` - ISCSI attached block storage device. * `PARAVIRTUALIZED` - Paravirtualized disk. This is the default for boot volumes and remote block storage volumes on platform images. Before you change the boot volume attachment type, detach all block volumes and VNICs except for the boot volume and the primary VNIC. If the instance is running when you change the boot volume attachment type, it will be rebooted. Note: Some instances might not function properly if you change the boot volume attachment type. After the instance reboots and is running, connect to it. If the connection fails or the OS doesn't behave as expected, the changes are not supported. Revert the instance to the original boot volume attachment type.	`string`	No	-	-
`isPvEncryptionInTransitEnabled`	Whether to enable in-transit encryption for the volume's paravirtualized attachment. To enable in-transit encryption for block volumes and boot volumes, this field must be set to `true`. Data in transit is transferred over an internal and highly secure network. If you have specific compliance requirements related to the encryption of the data while it is moving between the instance and the boot volume or the block volume, you can enable in-transit encryption. In-transit encryption is not enabled by default. All boot volumes and block volumes are encrypted at rest. For more information, see Block Volume Encryption (https://docs.oracle.com/iaas/Content/Block/Concepts/overview.htm#Encrypti).	`boolean`	No	-	-
`networkType`	Emulation type for the physical network interface card (NIC). * `VFIO` - Direct attached Virtual Function network controller. This is the networking type when you launch an instance using hardware-assisted (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances launch with paravirtualized devices using VirtIO drivers. Before you change the networking type, detach all VNICs and block volumes except for the primary VNIC and the boot volume. The image must have paravirtualized drivers installed. For more information, see Editing an Instance (https://docs.oracle.com/iaas/Content/Compute/Tasks/resizinginstances.htm). If the instance is running when you change the network type, it will be rebooted. Note: Some instances might not function properly if you change the networking type. After the instance reboots and is running, connect to it. If the connection fails or the OS doesn't behave as expected, the changes are not supported. Revert the instance to the original networking type.	`string`	No	-	-

Spec.launchVolumeAttachments[]¶

InstanceLaunchVolumeAttachment defines nested fields for Instance.LaunchVolumeAttachment.

Field	Description	Type	Required	Default	Enum
`device`	The device name. To retrieve a list of devices for a given instance, see ListInstanceDevices.	`string`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`encryptionInTransitType`	Refer the top-level definition of encryptionInTransitType. The default value is NONE.	`string`	No	-	-
`isAgentAutoIscsiLoginEnabled`	Whether to enable Oracle Cloud Agent to perform the iSCSI login and logout commands after the volume attach or detach operations for non multipath-enabled iSCSI attachments.	`boolean`	No	-	-
`isPvEncryptionInTransitEnabled`	Whether to enable in-transit encryption for the data volume's paravirtualized attachment. The default value is false.	`boolean`	No	-	-
`isReadOnly`	Whether the attachment was created in read-only mode.	`boolean`	No	-	-
`isShareable`	Whether the attachment should be created in shareable mode. If an attachment is created in shareable mode, then other instances can attach the same volume, provided that they also create their attachments in shareable mode. Only certain volume types can be attached in shareable mode. Defaults to false if not specified.	`boolean`	No	-	-
`jsonData`	-	`string`	No	-	-
`launchCreateVolumeDetails`	InstanceLaunchVolumeAttachmentLaunchCreateVolumeDetails defines nested fields for Instance.LaunchVolumeAttachment.LaunchCreateVolumeDetails.	`object`	No	-	-
`type`	-	`string`	No	-	-
`useChap`	Whether to use CHAP authentication for the volume attachment. Defaults to false.	`boolean`	No	-	-
`volumeId`	The OCID of the volume. If CreateVolumeDetails is specified, this field must be omitted from the request.	`string`	No	-	-

Spec.launchVolumeAttachments[].launchCreateVolumeDetails¶

InstanceLaunchVolumeAttachmentLaunchCreateVolumeDetails defines nested fields for Instance.LaunchVolumeAttachment.LaunchCreateVolumeDetails.

Field	Description	Type	Required	Default	Enum
`jsonData`	-	`string`	No	-	-
`volumeCreationType`	-	`string`	No	-	-

Spec.licensingConfigs[]¶

InstanceLicensingConfig defines nested fields for Instance.LicensingConfig.

Field	Description	Type	Required	Default	Enum
`jsonData`	-	`string`	No	-	-
`licenseType`	License Type for the OS license. * `OCI_PROVIDED` - OCI provided license (e.g. metered $/OCPU-hour). * `BRING_YOUR_OWN_LICENSE` - Bring your own license.	`string`	No	-	-
`type`	-	`string`	No	-	-

Spec.placementConstraintDetails¶

InstancePlacementConstraintDetails defines nested fields for Instance.PlacementConstraintDetails.

Field	Description	Type	Required	Default	Enum
`computeBareMetalHostId`	The OCID of the compute bare metal host. This is only available for dedicated capacity customers.	`string`	No	-	-
`computeHostGroupId`	The OCID of the compute host group. This is only available for dedicated capacity customers.	`string`	No	-	-
`jsonData`	-	`string`	No	-	-
`type`	-	`string`	No	-	-

Spec.platformConfig¶

InstancePlatformConfig defines nested fields for Instance.PlatformConfig.

Field	Description	Type	Required	Default	Enum
`isSymmetricMultiThreadingEnabled`	Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also called simultaneous multithreading (SMT) or Intel Hyper-Threading. Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple independent threads of execution, to better use the resources and increase the efficiency of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which can provide higher or more predictable performance for some workloads.	`boolean`	No	-	-
`jsonData`	-	`string`	No	-	-
`type`	-	`string`	No	-	-

Spec.preemptibleInstanceConfig¶

InstancePreemptibleInstanceConfig defines nested fields for Instance.PreemptibleInstanceConfig.

Field	Description	Type	Required	Default	Enum
`preemptionAction`	InstancePreemptibleInstanceConfigPreemptionAction defines nested fields for Instance.PreemptibleInstanceConfig.PreemptionAction.	`object`	Yes	-	-

Spec.preemptibleInstanceConfig.preemptionAction¶

InstancePreemptibleInstanceConfigPreemptionAction defines nested fields for Instance.PreemptibleInstanceConfig.PreemptionAction.

Field	Description	Type	Required	Default	Enum
`jsonData`	-	`string`	No	-	-
`preserveBootVolume`	Whether to preserve the boot volume that was used to launch the preemptible instance when the instance is terminated. Defaults to false if not specified.	`boolean`	No	-	-
`type`	-	`string`	No	-	-

Spec.shapeConfig¶

InstanceShapeConfig defines nested fields for Instance.ShapeConfig.

Field	Description	Type	Required	Default	Enum
`baselineOcpuUtilization`	The baseline OCPU utilization for a subcore burstable VM instance. Leave this attribute blank for a non-burstable instance, or explicitly specify non-burstable with `BASELINE_1_1`. The following values are supported: - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. - `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. - `BASELINE_1_1` - baseline usage is an entire OCPU. This represents a non-burstable instance.	`string`	No	-	-
`memoryInGBs`	The total amount of memory available to the instance, in gigabytes.	`number`	No	-	-
`nvmes`	The number of NVMe drives to be used for storage. A single drive has 6.8 TB available.	`integer`	No	-	-
`ocpus`	The total number of OCPUs available to the instance.	`number`	No	-	-
`resourceManagement`	This field is reserved for internal use.	`string`	No	-	-
`vcpus`	The total number of VCPUs available to the instance. This can be used instead of OCPUs, in which case the actual number of OCPUs will be calculated based on this value and the actual hardware. This must be a multiple of 2.	`integer`	No	-	-

Spec.sourceDetails¶

InstanceSourceDetails defines nested fields for Instance.SourceDetails.

Field	Description	Type	Required	Default	Enum
`bootVolumeId`	The OCID of the boot volume used to boot the instance.	`string`	No	-	-
`bootVolumeSizeInGBs`	The size of the boot volume in GBs. Minimum value is 50 GB and maximum value is 32,768 GB (32 TB).	`integer (int64)`	No	-	-
`imageId`	The OCID of the image used to boot the instance.	`string`	No	-	-
`isPreserveBootVolumeEnabled`	Whether to preserve the boot volume that was previously attached to the instance after a successful replacement of that boot volume.	`boolean`	No	-	-
`jsonData`	-	`string`	No	-	-
`kmsKeyId`	The OCID of the Vault service key to assign as the master encryption key for the boot volume.	`string`	No	-	-
`sourceType`	-	`string`	No	-	-

Status¶

InstanceStatus defines the observed state of Instance.

Field	Description	Type	Required	Default	Enum
`agentConfig`	InstanceAgentConfig defines nested fields for Instance.AgentConfig.	`object`	No	-	-
`availabilityConfig`	InstanceAvailabilityConfig defines nested fields for Instance.AvailabilityConfig.	`object`	No	-	-
`availabilityDomain`	The availability domain the instance is running in. Example: `Uocm:PHX-AD-1`	`string`	No	-	-
`capacityReservationId`	The OCID of the compute capacity reservation this instance is launched under. When this field contains an empty string or is null, the instance is not currently in a capacity reservation. For more information, see Capacity Reservations (https://docs.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).	`string`	No	-	-
`clusterPlacementGroupId`	The OCID of the cluster placement group of the instance.	`string`	No	-	-
`compartmentId`	The OCID of the compartment that contains the instance.	`string`	No	-	-
`dedicatedVmHostId`	The OCID of the dedicated virtual machine host that the instance is placed on.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`extendedMetadata`	Additional metadata key/value pairs that you provide. They serve the same purpose and functionality as fields in the `metadata` object. They are distinguished from `metadata` fields in that these can be nested JSON objects (whereas `metadata` fields are string/string maps only).	`map[string, object (preserves unknown fields)]`	No	-	-
`faultDomain`	The name of the fault domain the instance is running in. A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain contains three fault domains. Fault domains let you distribute your instances so that they are not on the same physical hardware within a single availability domain. A hardware failure or Compute hardware maintenance that affects one fault domain does not affect instances in other fault domains. If you do not specify the fault domain, the system selects one for you. Example: `FAULT-DOMAIN-1`	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The OCID of the instance.	`string`	No	-	-
`imageId`	Deprecated. Use `sourceDetails` instead.	`string`	No	-	-
`instanceConfigurationId`	The OCID of the Instance Configuration used to source launch details for this instance. Any other fields supplied in the instance launch request override the details stored in the Instance Configuration for this instance launch.	`string`	No	-	-
`instanceOptions`	InstanceOptions defines nested fields for Instance.InstanceOptions.	`object`	No	-	-
`ipxeScript`	When a bare metal or virtual machine instance boots, the iPXE firmware that runs on the instance is configured to run an iPXE script to continue the boot process. If you want more control over the boot process, you can provide your own custom iPXE script that will run when the instance boots. Be aware that the same iPXE script will run every time an instance boots, not only after the initial LaunchInstance call. The default iPXE script connects to the instance's local boot volume over iSCSI and performs a network boot. If you use a custom iPXE script and want to network-boot from the instance's local boot volume over iSCSI the same way as the default iPXE script, use the following iSCSI IP address: 169.254.0.2, and boot volume IQN: iqn.2015-02.oracle.boot. If your instance boot volume attachment type is paravirtualized, the boot volume is attached to the instance through virtio-scsi and no iPXE script is used. If your instance boot volume attachment type is paravirtualized and you use custom iPXE to network boot into your instance, the primary boot volume is attached as a data volume through virtio-scsi drive. For more information about the Bring Your Own Image feature of Oracle Cloud Infrastructure, see Bring Your Own Image (https://docs.oracle.com/iaas/Content/Compute/References/bringyourownimage.htm). For more information about iPXE, see http://ipxe.org.	`string`	No	-	-
`isAIEnterpriseEnabled`	Whether AI enterprise is enabled on the instance.	`boolean`	No	-	-
`isCrossNumaNode`	Whether the instance’s OCPUs and memory are distributed across multiple NUMA nodes.	`boolean`	No	-	-
`launchMode`	Specifies the configuration mode for launching virtual machine (VM) instances. The configuration modes are: * `NATIVE` - VM instances launch with iSCSI boot and VFIO devices. The default value for platform images. * `EMULATED` - VM instances launch with emulated devices, such as the E1000 network driver and emulated SCSI disk controller. * `PARAVIRTUALIZED` - VM instances launch with paravirtualized devices using VirtIO drivers. * `CUSTOM` - VM instances launch with custom configuration settings specified in the `LaunchOptions` parameter.	`string`	No	-	-
`launchOptions`	InstanceLaunchOptions defines nested fields for Instance.LaunchOptions.	`object`	No	-	-
`licensingConfigs`	List of licensing configurations associated with the instance.	`list[object]`	No	-	-
`lifecycleState`	The current state of the instance.	`string`	No	-	-
`loadBalancerBackends`	The load balancer backends that are configured for the instance pool instance.	`list[object]`	No	-	-
`metadata`	Custom metadata that you provide.	`map[string, string]`	No	-	-
`placementConstraintDetails`	InstancePlacementConstraintDetails defines nested fields for Instance.PlacementConstraintDetails.	`object`	No	-	-
`platformConfig`	InstancePlatformConfig defines nested fields for Instance.PlatformConfig.	`object`	No	-	-
`preemptibleInstanceConfig`	InstancePreemptibleInstanceConfig defines nested fields for Instance.PreemptibleInstanceConfig.	`object`	No	-	-
`region`	The region that contains the availability domain the instance is running in. For the us-phoenix-1 and us-ashburn-1 regions, `phx` and `iad` are returned, respectively. For all other regions, the full region name is returned. Examples: `phx`, `eu-frankfurt-1`	`string`	No	-	-
`securityAttributes`	Security attributes (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/zpr-artifacts.htm#security-attributes) are labels for a resource that can be referenced in a Zero Trust Packet Routing (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/overview.htm) (ZPR) policy to control access to ZPR-supported resources. Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}`	`map[string, map[string, string]]`	No	-	-
`securityAttributesState`	The lifecycle state of the `securityAttributes`	`string`	No	-	-
`shape`	The shape of the instance. The shape determines the number of CPUs and the amount of memory allocated to the instance. You can enumerate all available shapes by calling ListShapes.	`string`	No	-	-
`shapeConfig`	InstanceShapeConfig defines nested fields for Instance.ShapeConfig.	`object`	No	-	-
`sourceDetails`	InstanceSourceDetails defines nested fields for Instance.SourceDetails.	`object`	No	-	-
`state`	The current state of the instance pool instance.	`string`	No	-	-
`status`	-	`object`	Yes	-	-
`systemTags`	System tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace": {"bar-key": "value"}}`	`map[string, map[string, string]]`	No	-	-
`timeCreated`	The date and time the instance was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`timeMaintenanceRebootDue`	The date and time the instance is expected to be stopped / started, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). After that time if instance hasn't been rebooted, Oracle will reboot the instance within 24 hours of the due time. Regardless of how the instance was stopped, the flag will be reset to empty as soon as instance reaches Stopped state. Example: `2018-05-25T21:10:29.600Z`	`string`	No	-	-

Status.agentConfig¶

InstanceAgentConfig defines nested fields for Instance.AgentConfig.

Field	Description	Type	Required	Default	Enum
`areAllPluginsDisabled`	Whether Oracle Cloud Agent can run all the available plugins. This includes the management and monitoring plugins. To get a list of available plugins, use the ListInstanceagentAvailablePlugins operation in the Oracle Cloud Agent API. For more information about the available plugins, see Managing Plugins with Oracle Cloud Agent (https://docs.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).	`boolean`	No	-	-
`isManagementDisabled`	Whether Oracle Cloud Agent can run all the available management plugins. These are the management plugins: OS Management Service Agent and Compute Instance Run Command. The management plugins are controlled by this parameter and by the per-plugin configuration in the `pluginsConfig` object. - If `isManagementDisabled` is true, all of the management plugins are disabled, regardless of the per-plugin configuration. - If `isManagementDisabled` is false, all of the management plugins are enabled. You can optionally disable individual management plugins by providing a value in the `pluginsConfig` object.	`boolean`	No	-	-
`isMonitoringDisabled`	Whether Oracle Cloud Agent can gather performance metrics and monitor the instance using the monitoring plugins. These are the monitoring plugins: Compute Instance Monitoring and Custom Logs Monitoring. The monitoring plugins are controlled by this parameter and by the per-plugin configuration in the `pluginsConfig` object. - If `isMonitoringDisabled` is true, all of the monitoring plugins are disabled, regardless of the per-plugin configuration. - If `isMonitoringDisabled` is false, all of the monitoring plugins are enabled. You can optionally disable individual monitoring plugins by providing a value in the `pluginsConfig` object.	`boolean`	No	-	-
`pluginsConfig`	The configuration of plugins associated with this instance.	`list[object]`	No	-	-

Status.agentConfig.pluginsConfig[]¶

InstanceAgentConfigPluginsConfig defines nested fields for Instance.AgentConfig.PluginsConfig.

Field	Description	Type	Required	Default	Enum
`desiredState`	Whether the plugin should be enabled or disabled. To enable the monitoring and management plugins, the `isMonitoringDisabled` and `isManagementDisabled` attributes must also be set to false.	`string`	Yes	-	-
`name`	The plugin name. To get a list of available plugins, use the ListInstanceagentAvailablePlugins operation in the Oracle Cloud Agent API. For more information about the available plugins, see Managing Plugins with Oracle Cloud Agent (https://docs.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).	`string`	Yes	-	-

Status.availabilityConfig¶

InstanceAvailabilityConfig defines nested fields for Instance.AvailabilityConfig.

Field	Description	Type	Required	Default	Enum
`isLiveMigrationPreferred`	Whether to live migrate supported VM instances to a healthy physical VM host without disrupting running instances during infrastructure maintenance events. If null, Oracle chooses the best option for migrating the VM during infrastructure maintenance events.	`boolean`	No	-	-
`recoveryAction`	The lifecycle state for an instance when it is recovered after infrastructure maintenance. * `RESTORE_INSTANCE` - The instance is restored to the lifecycle state it was in before the maintenance event. If the instance was running, it is automatically rebooted. This is the default action when a value is not set. * `STOP_INSTANCE` - The instance is recovered in the stopped state.	`string`	No	-	-

Status.instanceOptions¶

InstanceOptions defines nested fields for Instance.InstanceOptions.

Field	Description	Type	Required	Default	Enum
`areLegacyImdsEndpointsDisabled`	Whether to disable the legacy (/v1) instance metadata service endpoints. Customers who have migrated to /v2 should set this to true for added security. Default is false.	`boolean`	No	-	-

Status.launchOptions¶

InstanceLaunchOptions defines nested fields for Instance.LaunchOptions.

Field	Description	Type	Required	Default	Enum
`bootVolumeType`	Emulation type for the boot volume. * `ISCSI` - ISCSI attached block storage device. * `PARAVIRTUALIZED` - Paravirtualized disk. This is the default for boot volumes and remote block storage volumes on platform images. Before you change the boot volume attachment type, detach all block volumes and VNICs except for the boot volume and the primary VNIC. If the instance is running when you change the boot volume attachment type, it will be rebooted. Note: Some instances might not function properly if you change the boot volume attachment type. After the instance reboots and is running, connect to it. If the connection fails or the OS doesn't behave as expected, the changes are not supported. Revert the instance to the original boot volume attachment type.	`string`	No	-	-
`isPvEncryptionInTransitEnabled`	Whether to enable in-transit encryption for the volume's paravirtualized attachment. To enable in-transit encryption for block volumes and boot volumes, this field must be set to `true`. Data in transit is transferred over an internal and highly secure network. If you have specific compliance requirements related to the encryption of the data while it is moving between the instance and the boot volume or the block volume, you can enable in-transit encryption. In-transit encryption is not enabled by default. All boot volumes and block volumes are encrypted at rest. For more information, see Block Volume Encryption (https://docs.oracle.com/iaas/Content/Block/Concepts/overview.htm#Encrypti).	`boolean`	No	-	-
`networkType`	Emulation type for the physical network interface card (NIC). * `VFIO` - Direct attached Virtual Function network controller. This is the networking type when you launch an instance using hardware-assisted (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances launch with paravirtualized devices using VirtIO drivers. Before you change the networking type, detach all VNICs and block volumes except for the primary VNIC and the boot volume. The image must have paravirtualized drivers installed. For more information, see Editing an Instance (https://docs.oracle.com/iaas/Content/Compute/Tasks/resizinginstances.htm). If the instance is running when you change the network type, it will be rebooted. Note: Some instances might not function properly if you change the networking type. After the instance reboots and is running, connect to it. If the connection fails or the OS doesn't behave as expected, the changes are not supported. Revert the instance to the original networking type.	`string`	No	-	-

Status.licensingConfigs[]¶

InstanceLicensingConfig defines nested fields for Instance.LicensingConfig.

Field	Description	Type	Required	Default	Enum
`jsonData`	-	`string`	No	-	-
`licenseType`	License Type for the OS license. * `OCI_PROVIDED` - OCI provided license (e.g. metered $/OCPU-hour). * `BRING_YOUR_OWN_LICENSE` - Bring your own license.	`string`	No	-	-
`type`	-	`string`	No	-	-

Status.loadBalancerBackends[]¶

InstanceLoadBalancerBackend defines nested fields for Instance.LoadBalancerBackend.

Field	Description	Type	Required	Default	Enum
`backendHealthStatus`	The health of the backend as observed by the load balancer.	`string`	No	-	-
`backendName`	The name of the backend in the backend set.	`string`	No	-	-
`backendSetName`	The name of the backend set on the load balancer.	`string`	No	-	-
`loadBalancerId`	The OCID of the load balancer attached to the instance pool.	`string`	No	-	-

Status.placementConstraintDetails¶

InstancePlacementConstraintDetails defines nested fields for Instance.PlacementConstraintDetails.

Field	Description	Type	Required	Default	Enum
`computeBareMetalHostId`	The OCID of the compute bare metal host. This is only available for dedicated capacity customers.	`string`	No	-	-
`computeHostGroupId`	The OCID of the compute host group. This is only available for dedicated capacity customers.	`string`	No	-	-
`jsonData`	-	`string`	No	-	-
`type`	-	`string`	No	-	-

Status.platformConfig¶

InstancePlatformConfig defines nested fields for Instance.PlatformConfig.

Field	Description	Type	Required	Default	Enum
`isSymmetricMultiThreadingEnabled`	Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also called simultaneous multithreading (SMT) or Intel Hyper-Threading. Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple independent threads of execution, to better use the resources and increase the efficiency of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which can provide higher or more predictable performance for some workloads.	`boolean`	No	-	-
`jsonData`	-	`string`	No	-	-
`type`	-	`string`	No	-	-

Status.preemptibleInstanceConfig¶

InstancePreemptibleInstanceConfig defines nested fields for Instance.PreemptibleInstanceConfig.

Field	Description	Type	Required	Default	Enum
`preemptionAction`	InstancePreemptibleInstanceConfigPreemptionAction defines nested fields for Instance.PreemptibleInstanceConfig.PreemptionAction.	`object`	Yes	-	-

Status.preemptibleInstanceConfig.preemptionAction¶

InstancePreemptibleInstanceConfigPreemptionAction defines nested fields for Instance.PreemptibleInstanceConfig.PreemptionAction.

Field	Description	Type	Required	Default	Enum
`jsonData`	-	`string`	No	-	-
`preserveBootVolume`	Whether to preserve the boot volume that was used to launch the preemptible instance when the instance is terminated. Defaults to false if not specified.	`boolean`	No	-	-
`type`	-	`string`	No	-	-

Status.shapeConfig¶

InstanceShapeConfig defines nested fields for Instance.ShapeConfig.

Field	Description	Type	Required	Default	Enum
`baselineOcpuUtilization`	The baseline OCPU utilization for a subcore burstable VM instance. Leave this attribute blank for a non-burstable instance, or explicitly specify non-burstable with `BASELINE_1_1`. The following values are supported: - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. - `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. - `BASELINE_1_1` - baseline usage is an entire OCPU. This represents a non-burstable instance.	`string`	No	-	-
`memoryInGBs`	The total amount of memory available to the instance, in gigabytes.	`number`	No	-	-
`nvmes`	The number of NVMe drives to be used for storage. A single drive has 6.8 TB available.	`integer`	No	-	-
`ocpus`	The total number of OCPUs available to the instance.	`number`	No	-	-
`resourceManagement`	This field is reserved for internal use.	`string`	No	-	-
`vcpus`	The total number of VCPUs available to the instance. This can be used instead of OCPUs, in which case the actual number of OCPUs will be calculated based on this value and the actual hardware. This must be a multiple of 2.	`integer`	No	-	-

Status.sourceDetails¶

InstanceSourceDetails defines nested fields for Instance.SourceDetails.

Field	Description	Type	Required	Default	Enum
`bootVolumeId`	The OCID of the boot volume used to boot the instance.	`string`	No	-	-
`bootVolumeSizeInGBs`	The size of the boot volume in GBs. Minimum value is 50 GB and maximum value is 32,768 GB (32 TB).	`integer (int64)`	No	-	-
`imageId`	The OCID of the image used to boot the instance.	`string`	No	-	-
`isPreserveBootVolumeEnabled`	Whether to preserve the boot volume that was previously attached to the instance after a successful replacement of that boot volume.	`boolean`	No	-	-
`jsonData`	-	`string`	No	-	-
`kmsKeyId`	The OCID of the Vault service key to assign as the master encryption key for the boot volume.	`string`	No	-	-
`sourceType`	-	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

InternetGateway¶

InternetGateway is the Schema for the internetgateways API.

Plural: internetgateways
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_internetgateway.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

InternetGatewaySpec defines the desired state of InternetGateway.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the internet gateway.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`isEnabled`	Whether the gateway is enabled upon creation.	`boolean`	Yes	-	-
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table the Internet Gateway is using.	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the Internet Gateway is attached to.	`string`	Yes	-	-

Status¶

InternetGatewayStatus defines the observed state of InternetGateway.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment containing the internet gateway.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The internet gateway's Oracle ID (OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm)).	`string`	No	-	-
`isEnabled`	Whether the gateway is enabled. When the gateway is disabled, traffic is not routed to/from the Internet, regardless of route rules.	`boolean`	No	-	-
`lifecycleState`	The internet gateway's current state.	`string`	No	-	-
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table the Internet Gateway is using.	`string`	No	-	-
`status`	-	`object`	Yes	-	-
`timeCreated`	The date and time the internet gateway was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the Internet Gateway belongs to.	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

NatGateway¶

NatGateway is the Schema for the natgateways API.

Plural: natgateways
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_natgateway.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

NatGatewaySpec defines the desired state of NatGateway.

Field	Description	Type	Required	Default	Enum
`blockTraffic`	Whether the NAT gateway blocks traffic through it. The default is `false`. Example: `true`	`boolean`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the NAT gateway.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`publicIpId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the public IP address associated with the NAT gateway.	`string`	No	-	-
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table used by the NAT gateway. If you don't specify a route table here, the NAT gateway is created without an associated route table. The Networking service does NOT automatically associate the attached VCN's default route table with the NAT gateway.	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the gateway belongs to.	`string`	Yes	-	-

Status¶

NatGatewayStatus defines the observed state of NatGateway.

Field	Description	Type	Required	Default	Enum
`blockTraffic`	Whether the NAT gateway blocks traffic through it. The default is `false`. Example: `true`	`boolean`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment that contains the NAT gateway.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the NAT gateway.	`string`	No	-	-
`lifecycleState`	The NAT gateway's current state.	`string`	No	-	-
`natIp`	The IP address associated with the NAT gateway.	`string`	No	-	-
`publicIpId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the public IP address associated with the NAT gateway.	`string`	No	-	-
`publicIpIdCreateIntent`	Tracks whether `spec.publicIpId` was explicitly set or omitted when the current tracked NAT gateway first became managed by this controller.	`string`	No	-	`Explicit`, `Omitted`
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table used by the NAT gateway. If you don't specify a route table here, the NAT gateway is created without an associated route table. The Networking service does NOT automatically associate the attached VCN's default route table with the NAT gateway.	`string`	No	-	-
`status`	-	`object`	Yes	-	-
`timeCreated`	The date and time the NAT gateway was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the NAT gateway belongs to.	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

NetworkSecurityGroup¶

NetworkSecurityGroup is the Schema for the networksecuritygroups API.

Plural: networksecuritygroups
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_networksecuritygroup.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

NetworkSecurityGroupSpec defines the desired state of NetworkSecurityGroup.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the network security group.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN to create the network security group in.	`string`	Yes	-	-

Status¶

NetworkSecurityGroupStatus defines the observed state of NetworkSecurityGroup.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment the network security group is in.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the network security group.	`string`	No	-	-
`lifecycleState`	The network security group's current state.	`string`	No	-	-
`status`	-	`object`	Yes	-	-
`timeCreated`	The date and time the network security group was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the network security group's VCN.	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

RouteTable¶

RouteTable is the Schema for the routetables API.

Plural: routetables
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_routetable.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

RouteTableSpec defines the desired state of RouteTable.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the route table.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`routeRules`	The collection of rules used for routing destination IPs to network devices.	`list[object]`	Yes	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the route table belongs to.	`string`	Yes	-	-

Spec.routeRules[]¶

Back to RouteTable spec

RouteTableRouteRule defines nested fields for RouteTable.RouteRule.

Field	Description	Type	Required	Default	Enum
`cidrBlock`	Deprecated. Instead use `destination` and `destinationType`. Requests that include both `cidrBlock` and `destination` will be rejected. A destination IP address range in CIDR notation. Matching packets will be routed to the indicated network entity (the target). Cannot be an IPv6 prefix. Example: `0.0.0.0/0`	`string`	No	-	-
`description`	An optional description of your choice for the rule.	`string`	No	-	-
`destination`	Conceptually, this is the range of IP addresses used for matching when routing traffic. Required if you provide a `destinationType`. Allowed values: * IP address range in CIDR notation. Can be an IPv4 CIDR block or IPv6 prefix. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. If you set this to an IPv6 prefix, the route rule's target can only be a DRG or internet gateway. IPv6 addressing is supported for all commercial and government regions. See IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). * The `cidrBlock` value for a Service, if you're setting up a route rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.	`string`	No	-	-
`destinationType`	Type of destination for the rule. Required if you provide a `destination`. * `CIDR_BLOCK`: If the rule's `destination` is an IP address range in CIDR notation. * `SERVICE_CIDR_BLOCK`: If the rule's `destination` is the `cidrBlock` value for a Service (the rule is for traffic destined for a particular `Service` through a service gateway).	`string`	No	-	-
`networkEntityId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) for the route rule's target. For information about the type of targets you can specify, see Route Tables (https://docs.oracle.com/iaas/Content/Network/Tasks/managingroutetables.htm).	`string`	Yes	-	-
`routeType`	A route rule can be STATIC if manually added to the route table, LOCAL if added by OCI to the route table.	`string`	No	-	-

Status¶

RouteTableStatus defines the observed state of RouteTable.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment containing the route table.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The route table's Oracle ID (OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm)).	`string`	No	-	-
`lifecycleState`	The route table's current state.	`string`	No	-	-
`routeRules`	The collection of rules for routing destination IPs to network devices.	`list[object]`	No	-	-
`status`	-	`object`	Yes	-	-
`timeCreated`	The date and time the route table was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the route table list belongs to.	`string`	No	-	-

Status.routeRules[]¶

RouteTableRouteRule defines nested fields for RouteTable.RouteRule.

Field	Description	Type	Required	Default	Enum
`cidrBlock`	Deprecated. Instead use `destination` and `destinationType`. Requests that include both `cidrBlock` and `destination` will be rejected. A destination IP address range in CIDR notation. Matching packets will be routed to the indicated network entity (the target). Cannot be an IPv6 prefix. Example: `0.0.0.0/0`	`string`	No	-	-
`description`	An optional description of your choice for the rule.	`string`	No	-	-
`destination`	Conceptually, this is the range of IP addresses used for matching when routing traffic. Required if you provide a `destinationType`. Allowed values: * IP address range in CIDR notation. Can be an IPv4 CIDR block or IPv6 prefix. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. If you set this to an IPv6 prefix, the route rule's target can only be a DRG or internet gateway. IPv6 addressing is supported for all commercial and government regions. See IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). * The `cidrBlock` value for a Service, if you're setting up a route rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.	`string`	No	-	-
`destinationType`	Type of destination for the rule. Required if you provide a `destination`. * `CIDR_BLOCK`: If the rule's `destination` is an IP address range in CIDR notation. * `SERVICE_CIDR_BLOCK`: If the rule's `destination` is the `cidrBlock` value for a Service (the rule is for traffic destined for a particular `Service` through a service gateway).	`string`	No	-	-
`networkEntityId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) for the route rule's target. For information about the type of targets you can specify, see Route Tables (https://docs.oracle.com/iaas/Content/Network/Tasks/managingroutetables.htm).	`string`	Yes	-	-
`routeType`	A route rule can be STATIC if manually added to the route table, LOCAL if added by OCI to the route table.	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

SecurityList¶

SecurityList is the Schema for the securitylists API.

Plural: securitylists
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_securitylist.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

SecurityListSpec defines the desired state of SecurityList.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the security list.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`egressSecurityRules`	Rules for allowing egress IP packets.	`list[object]`	Yes	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`ingressSecurityRules`	Rules for allowing ingress IP packets.	`list[object]`	Yes	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the security list belongs to.	`string`	Yes	-	-

Spec.egressSecurityRules[]¶

SecurityListEgressSecurityRule defines nested fields for SecurityList.EgressSecurityRule.

Field	Description	Type	Required	Default	Enum
`description`	An optional description of your choice for the rule.	`string`	No	-	-
`destination`	Conceptually, this is the range of IP addresses that a packet originating from the instance can go to. Allowed values: * IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` Note that IPv6 addressing is currently supported only in certain regions. See IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). * The `cidrBlock` value for a Service, if you're setting up a security list rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.	`string`	Yes	-	-
`destinationType`	Type of destination for the rule. The default is `CIDR_BLOCK`. Allowed values: * `CIDR_BLOCK`: If the rule's `destination` is an IP address range in CIDR notation. * `SERVICE_CIDR_BLOCK`: If the rule's `destination` is the `cidrBlock` value for a Service (the rule is for traffic destined for a particular `Service` through a service gateway).	`string`	No	-	-
`icmpOptions`	SecurityListEgressSecurityRuleIcmpOptions defines nested fields for SecurityList.EgressSecurityRule.IcmpOptions.	`object`	No	-	-
`isStateless`	A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.	`boolean`	No	-	-
`protocol`	The transport protocol. Specify either `all` or an IPv4 protocol number as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").	`string`	Yes	-	-
`tcpOptions`	SecurityListEgressSecurityRuleTcpOptions defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.	`object`	No	-	-
`udpOptions`	SecurityListEgressSecurityRuleUdpOptions defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.	`object`	No	-	-

Spec.egressSecurityRules[].icmpOptions¶

SecurityListEgressSecurityRuleIcmpOptions defines nested fields for SecurityList.EgressSecurityRule.IcmpOptions.

Field	Description	Type	Required	Default	Enum
`code`	The ICMP code (optional).	`integer`	No	-	-
`type`	The ICMP type.	`integer`	Yes	-	-

Spec.egressSecurityRules[].tcpOptions¶

SecurityListEgressSecurityRuleTcpOptions defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListEgressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListEgressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.SourcePortRange.	`object`	No	-	-

Spec.egressSecurityRules[].tcpOptions.destinationPortRange¶

SecurityListEgressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Spec.egressSecurityRules[].tcpOptions.sourcePortRange¶

SecurityListEgressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Spec.egressSecurityRules[].udpOptions¶

SecurityListEgressSecurityRuleUdpOptions defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListEgressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListEgressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.SourcePortRange.	`object`	No	-	-

Spec.egressSecurityRules[].udpOptions.destinationPortRange¶

SecurityListEgressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Spec.egressSecurityRules[].udpOptions.sourcePortRange¶

SecurityListEgressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Spec.ingressSecurityRules[]¶

SecurityListIngressSecurityRule defines nested fields for SecurityList.IngressSecurityRule.

Field	Description	Type	Required	Default	Enum
`description`	An optional description of your choice for the rule.	`string`	No	-	-
`icmpOptions`	SecurityListIngressSecurityRuleIcmpOptions defines nested fields for SecurityList.IngressSecurityRule.IcmpOptions.	`object`	No	-	-
`isStateless`	A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if ingress traffic allows TCP destination port 80, there should be an egress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.	`boolean`	No	-	-
`protocol`	The transport protocol. Specify either `all` or an IPv4 protocol number as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").	`string`	Yes	-	-
`source`	Conceptually, this is the range of IP addresses that a packet coming into the instance can come from. Allowed values: * IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. IPv6 addressing is supported for all commercial and government regions. See IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). * The `cidrBlock` value for a Service, if you're setting up a security list rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.	`string`	Yes	-	-
`sourceType`	Type of source for the rule. The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation. * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a Service (the rule is for traffic coming from a particular `Service` through a service gateway).	`string`	No	-	-
`tcpOptions`	SecurityListIngressSecurityRuleTcpOptions defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.	`object`	No	-	-
`udpOptions`	SecurityListIngressSecurityRuleUdpOptions defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.	`object`	No	-	-

Spec.ingressSecurityRules[].icmpOptions¶

SecurityListIngressSecurityRuleIcmpOptions defines nested fields for SecurityList.IngressSecurityRule.IcmpOptions.

Field	Description	Type	Required	Default	Enum
`code`	The ICMP code (optional).	`integer`	No	-	-
`type`	The ICMP type.	`integer`	Yes	-	-

Spec.ingressSecurityRules[].tcpOptions¶

SecurityListIngressSecurityRuleTcpOptions defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListIngressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListIngressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.SourcePortRange.	`object`	No	-	-

Spec.ingressSecurityRules[].tcpOptions.destinationPortRange¶

SecurityListIngressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Spec.ingressSecurityRules[].tcpOptions.sourcePortRange¶

SecurityListIngressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Spec.ingressSecurityRules[].udpOptions¶

SecurityListIngressSecurityRuleUdpOptions defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListIngressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListIngressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.SourcePortRange.	`object`	No	-	-

Spec.ingressSecurityRules[].udpOptions.destinationPortRange¶

SecurityListIngressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Spec.ingressSecurityRules[].udpOptions.sourcePortRange¶

SecurityListIngressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status¶

SecurityListStatus defines the observed state of SecurityList.

Field	Description	Type	Required	Default	Enum
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment containing the security list.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`egressSecurityRules`	Rules for allowing egress IP packets.	`list[object]`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The security list's Oracle Cloud ID (OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm)).	`string`	No	-	-
`ingressSecurityRules`	Rules for allowing ingress IP packets.	`list[object]`	No	-	-
`lifecycleState`	The security list's current state.	`string`	No	-	-
`status`	-	`object`	Yes	-	-
`timeCreated`	The date and time the security list was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the security list belongs to.	`string`	No	-	-

Status.egressSecurityRules[]¶

SecurityListEgressSecurityRule defines nested fields for SecurityList.EgressSecurityRule.

Field	Description	Type	Required	Default	Enum
`description`	An optional description of your choice for the rule.	`string`	No	-	-
`destination`	Conceptually, this is the range of IP addresses that a packet originating from the instance can go to. Allowed values: * IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` Note that IPv6 addressing is currently supported only in certain regions. See IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). * The `cidrBlock` value for a Service, if you're setting up a security list rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.	`string`	Yes	-	-
`destinationType`	Type of destination for the rule. The default is `CIDR_BLOCK`. Allowed values: * `CIDR_BLOCK`: If the rule's `destination` is an IP address range in CIDR notation. * `SERVICE_CIDR_BLOCK`: If the rule's `destination` is the `cidrBlock` value for a Service (the rule is for traffic destined for a particular `Service` through a service gateway).	`string`	No	-	-
`icmpOptions`	SecurityListEgressSecurityRuleIcmpOptions defines nested fields for SecurityList.EgressSecurityRule.IcmpOptions.	`object`	No	-	-
`isStateless`	A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.	`boolean`	No	-	-
`protocol`	The transport protocol. Specify either `all` or an IPv4 protocol number as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").	`string`	Yes	-	-
`tcpOptions`	SecurityListEgressSecurityRuleTcpOptions defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.	`object`	No	-	-
`udpOptions`	SecurityListEgressSecurityRuleUdpOptions defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.	`object`	No	-	-

Status.egressSecurityRules[].icmpOptions¶

SecurityListEgressSecurityRuleIcmpOptions defines nested fields for SecurityList.EgressSecurityRule.IcmpOptions.

Field	Description	Type	Required	Default	Enum
`code`	The ICMP code (optional).	`integer`	No	-	-
`type`	The ICMP type.	`integer`	Yes	-	-

Status.egressSecurityRules[].tcpOptions¶

SecurityListEgressSecurityRuleTcpOptions defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListEgressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListEgressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.SourcePortRange.	`object`	No	-	-

Status.egressSecurityRules[].tcpOptions.destinationPortRange¶

SecurityListEgressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.egressSecurityRules[].tcpOptions.sourcePortRange¶

SecurityListEgressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.TcpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.egressSecurityRules[].udpOptions¶

SecurityListEgressSecurityRuleUdpOptions defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListEgressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListEgressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.SourcePortRange.	`object`	No	-	-

Status.egressSecurityRules[].udpOptions.destinationPortRange¶

SecurityListEgressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.egressSecurityRules[].udpOptions.sourcePortRange¶

SecurityListEgressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.EgressSecurityRule.UdpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.ingressSecurityRules[]¶

SecurityListIngressSecurityRule defines nested fields for SecurityList.IngressSecurityRule.

Field	Description	Type	Required	Default	Enum
`description`	An optional description of your choice for the rule.	`string`	No	-	-
`icmpOptions`	SecurityListIngressSecurityRuleIcmpOptions defines nested fields for SecurityList.IngressSecurityRule.IcmpOptions.	`object`	No	-	-
`isStateless`	A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if ingress traffic allows TCP destination port 80, there should be an egress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.	`boolean`	No	-	-
`protocol`	The transport protocol. Specify either `all` or an IPv4 protocol number as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").	`string`	Yes	-	-
`source`	Conceptually, this is the range of IP addresses that a packet coming into the instance can come from. Allowed values: * IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. IPv6 addressing is supported for all commercial and government regions. See IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). * The `cidrBlock` value for a Service, if you're setting up a security list rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.	`string`	Yes	-	-
`sourceType`	Type of source for the rule. The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation. * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a Service (the rule is for traffic coming from a particular `Service` through a service gateway).	`string`	No	-	-
`tcpOptions`	SecurityListIngressSecurityRuleTcpOptions defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.	`object`	No	-	-
`udpOptions`	SecurityListIngressSecurityRuleUdpOptions defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.	`object`	No	-	-

Status.ingressSecurityRules[].icmpOptions¶

SecurityListIngressSecurityRuleIcmpOptions defines nested fields for SecurityList.IngressSecurityRule.IcmpOptions.

Field	Description	Type	Required	Default	Enum
`code`	The ICMP code (optional).	`integer`	No	-	-
`type`	The ICMP type.	`integer`	Yes	-	-

Status.ingressSecurityRules[].tcpOptions¶

SecurityListIngressSecurityRuleTcpOptions defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListIngressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListIngressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.SourcePortRange.	`object`	No	-	-

Status.ingressSecurityRules[].tcpOptions.destinationPortRange¶

SecurityListIngressSecurityRuleTcpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.ingressSecurityRules[].tcpOptions.sourcePortRange¶

SecurityListIngressSecurityRuleTcpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.TcpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.ingressSecurityRules[].udpOptions¶

SecurityListIngressSecurityRuleUdpOptions defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.

Field	Description	Type	Required	Default	Enum
`destinationPortRange`	SecurityListIngressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.DestinationPortRange.	`object`	No	-	-
`sourcePortRange`	SecurityListIngressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.SourcePortRange.	`object`	No	-	-

Status.ingressSecurityRules[].udpOptions.destinationPortRange¶

SecurityListIngressSecurityRuleUdpOptionsDestinationPortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.DestinationPortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.ingressSecurityRules[].udpOptions.sourcePortRange¶

SecurityListIngressSecurityRuleUdpOptionsSourcePortRange defines nested fields for SecurityList.IngressSecurityRule.UdpOptions.SourcePortRange.

Field	Description	Type	Required	Default	Enum
`max`	The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.	`integer`	Yes	-	-
`min`	The minimum port number, which must not be greater than the maximum port number.	`integer`	Yes	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Back to ServiceGateway spec

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

ServiceGateway¶

ServiceGateway is the Schema for the servicegateways API.

Plural: servicegateways
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_servicegateway.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

ServiceGatewaySpec defines the desired state of ServiceGateway.

Field	Description	Type	Required	Default	Enum
`blockTraffic`	Whether the service gateway blocks all traffic through it. The default is `false`. When this is `true`, traffic is not routed to any services, regardless of route rules. Example: `true`	`boolean`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the service gateway.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table the service gateway will use. If you don't specify a route table here, the service gateway is created without an associated route table. The Networking service does NOT automatically associate the attached VCN's default route table with the service gateway. For information about why you would associate a route table with a service gateway, see Transit Routing: Private Access to Oracle Services (https://docs.oracle.com/iaas/Content/Network/Tasks/transitroutingoracleservices.htm).	`string`	No	-	-
`services`	List of the OCIDs of the Service objects to enable for the service gateway. This list can be empty if you don't want to enable any `Service` objects when you create the gateway. You can enable a `Service` object later by using either AttachServiceId or UpdateServiceGateway. For each enabled `Service`, make sure there's a route rule with the `Service` object's `cidrBlock` as the rule's destination and the service gateway as the rule's target. See RouteTable.	`list[object]`	Yes	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN.	`string`	Yes	-	-

Spec.services[]¶

ServiceGatewayService defines nested fields for ServiceGateway.Service.

Field	Description	Type	Required	Default	Enum
`serviceId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Service.	`string`	Yes	-	-

Status¶

ServiceGatewayStatus defines the observed state of ServiceGateway.

Field	Description	Type	Required	Default	Enum
`blockTraffic`	Whether the service gateway blocks all traffic through it. The default is `false`. When this is `true`, traffic is not routed to any services, regardless of route rules. Example: `true`	`boolean`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment that contains the service gateway.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the service gateway.	`string`	No	-	-
`lifecycleState`	The service gateway's current state.	`string`	No	-	-
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table the service gateway is using. For information about why you would associate a route table with a service gateway, see Transit Routing: Private Access to Oracle Services (https://docs.oracle.com/iaas/Content/Network/Tasks/transitroutingoracleservices.htm).	`string`	No	-	-
`services`	List of the Service objects enabled for this service gateway. The list can be empty. You can enable a particular `Service` by using AttachServiceId or UpdateServiceGateway.	`list[object]`	No	-	-
`status`	-	`object`	Yes	-	-
`timeCreated`	The date and time the service gateway was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the service gateway belongs to.	`string`	No	-	-

Status.services[]¶

ServiceGatewayService defines nested fields for ServiceGateway.Service.

Field	Description	Type	Required	Default	Enum
`serviceId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Service.	`string`	Yes	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

Subnet¶

Subnet is the Schema for the subnets API.

Plural: subnets
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_subnet.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

SubnetSpec defines the desired state of Subnet.

Field	Description	Type	Required	Default	Enum
`availabilityDomain`	Controls whether the subnet is regional or specific to an availability domain. Oracle recommends creating regional subnets because they're more flexible and make it easier to implement failover across availability domains. Originally, AD-specific subnets were the only kind available to use. To create a regional subnet, omit this attribute. Then any resources later created in this subnet (such as a Compute instance) can be created in any availability domain in the region. To instead create an AD-specific subnet, set this attribute to the availability domain you want this subnet to be in. Then any resources later created in this subnet can only be created in that availability domain. Example: `Uocm:PHX-AD-1`	`string`	No	-	-
`cidrBlock`	The CIDR IP address range of the subnet. The CIDR must maintain the following rules - a. The CIDR block is valid and correctly formatted. b. The new range is within one of the parent VCN ranges. Example: `10.0.1.0/24`	`string`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the subnet.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`dhcpOptionsId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the set of DHCP options the subnet will use. If you don't provide a value, the subnet uses the VCN's default set of DHCP options.	`string`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`dnsLabel`	A DNS label for the subnet, used in conjunction with the VNIC's hostname and VCN's DNS label to form a fully qualified domain name (FQDN) for each VNIC within this subnet (for example, `bminstance1.subnet123.vcn1.oraclevcn.com`). Must be an alphanumeric string that begins with a letter and is unique within the VCN. The value cannot be changed. This value must be set if you want to use the Internet and VCN Resolver to resolve the hostnames of instances in the subnet. It can only be set if the VCN itself was created with a DNS label. For more information, see DNS in Your Virtual Cloud Network (https://docs.oracle.com/iaas/Content/Network/Concepts/dns.htm). Example: `subnet123`	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`ipv4CidrBlocks`	The list of all IPv4 CIDR blocks for the subnet that meets the following criteria: - Ipv4 CIDR blocks must be valid. - Multiple Ipv4 CIDR blocks must not overlap each other or the on-premises network CIDR block. - The number of prefixes must not exceed the limit of IPv4 prefixes allowed to a subnet.	`list[string]`	No	-	-
`ipv6CidrBlock`	Use this to enable IPv6 addressing for this subnet. The VCN must be enabled for IPv6. You can't change this subnet characteristic later. All subnets are /64 in size. The subnet portion of the IPv6 address is the fourth hextet from the left (1111 in the following example). For important details about IPv6 addressing in a VCN, see IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). Example: `2001:0db8:0123:1111::/64`	`string`	No	-	-
`ipv6CidrBlocks`	The list of all IPv6 prefixes (Oracle allocated IPv6 GUA, ULA or private IPv6 prefixes, BYOIPv6 prefixes) for the subnet that meets the following criteria: - The prefixes must be valid. - Multiple prefixes must not overlap each other or the on-premises network prefix. - The number of prefixes must not exceed the limit of IPv6 prefixes allowed to a subnet.	`list[string]`	No	-	-
`prohibitInternetIngress`	Whether to disallow ingress internet traffic to VNICs within this subnet. Defaults to false. For IPv6, if `prohibitInternetIngress` is set to `true`, internet access is not allowed for any IPv6s assigned to VNICs in the subnet. Otherwise, ingress internet traffic is allowed by default. `prohibitPublicIpOnVnic` will be set to the value of `prohibitInternetIngress` to dictate IPv4 behavior in this subnet. Only one or the other flag should be specified. Example: `true`	`boolean`	No	-	-
`prohibitPublicIpOnVnic`	Whether VNICs within this subnet can have public IP addresses. Defaults to false, which means VNICs created in this subnet will automatically be assigned public IP addresses unless specified otherwise during instance launch or VNIC creation (with the `assignPublicIp` flag in CreateVnicDetails). If `prohibitPublicIpOnVnic` is set to true, VNICs created in this subnet cannot have public IP addresses (that is, it's a private subnet). If you intend to use an IPv6 prefix, you should use the flag `prohibitInternetIngress` to specify ingress internet traffic behavior of the subnet. Example: `true`	`boolean`	No	-	-
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table the subnet will use. If you don't provide a value, the subnet uses the VCN's default route table.	`string`	No	-	-
`securityListIds`	The OCIDs of the security list or lists the subnet will use. If you don't provide a value, the subnet uses the VCN's default security list. Remember that security lists are associated with the subnet, but the rules are applied to the individual VNICs in the subnet.	`list[string]`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN to contain the subnet.	`string`	Yes	-	-

Status¶

SubnetStatus defines the observed state of Subnet.

Field	Description	Type	Required	Default	Enum
`availabilityDomain`	The subnet's availability domain. This attribute will be null if this is a regional subnet instead of an AD-specific subnet. Oracle recommends creating regional subnets. Example: `Uocm:PHX-AD-1`	`string`	No	-	-
`cidrBlock`	The subnet's CIDR block. Example: `10.0.1.0/24`	`string`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment containing the subnet.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`dhcpOptionsId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the set of DHCP options that the subnet uses.	`string`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`dnsLabel`	A DNS label for the subnet, used in conjunction with the VNIC's hostname and VCN's DNS label to form a fully qualified domain name (FQDN) for each VNIC within this subnet (for example, `bminstance1.subnet123.vcn1.oraclevcn.com`). Must be an alphanumeric string that begins with a letter and is unique within the VCN. The value cannot be changed. The absence of this parameter means the Internet and VCN Resolver will not resolve hostnames of instances in this subnet. For more information, see DNS in Your Virtual Cloud Network (https://docs.oracle.com/iaas/Content/Network/Concepts/dns.htm). Example: `subnet123`	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The subnet's Oracle ID (OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm)).	`string`	No	-	-
`ipv4CidrBlocks`	The list of all IPv4 CIDR blocks for the subnet that meets the following criteria: - Ipv4 CIDR blocks must be valid. - Multiple Ipv4 CIDR blocks must not overlap each other or the on-premises network CIDR block. - The number of prefixes must not exceed the limit of IPv4 prefixes allowed to a subnet.	`list[string]`	No	-	-
`ipv6CidrBlock`	For an IPv6-enabled subnet, this is the IPv6 prefix for the subnet's IP address space. The subnet size is always /64. See IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). Example: `2001:0db8:0123:1111::/64`	`string`	No	-	-
`ipv6CidrBlocks`	The list of all IPv6 prefixes (Oracle allocated IPv6 GUA, ULA or private IPv6 prefixes, BYOIPv6 prefixes) for the subnet.	`list[string]`	No	-	-
`ipv6VirtualRouterIp`	For an IPv6-enabled subnet, this is the IPv6 address of the virtual router. Example: `2001:0db8:0123:1111:89ab:cdef:1234:5678`	`string`	No	-	-
`lifecycleState`	The subnet's current state.	`string`	No	-	-
`prohibitInternetIngress`	Whether to disallow ingress internet traffic to VNICs within this subnet. Defaults to false. For IPV4, `prohibitInternetIngress` behaves similarly to `prohibitPublicIpOnVnic`. If it is set to false, VNICs created in this subnet will automatically be assigned public IP addresses unless specified otherwise during instance launch or VNIC creation (with the `assignPublicIp` flag in CreateVnicDetails). If `prohibitInternetIngress` is set to true, VNICs created in this subnet cannot have public IP addresses (that is, it's a privatesubnet). For IPv6, if `prohibitInternetIngress` is set to `true`, internet access is not allowed for any IPv6s assigned to VNICs in the subnet. Otherwise, ingress internet traffic is allowed by default. Example: `true`	`boolean`	No	-	-
`prohibitPublicIpOnVnic`	Whether VNICs within this subnet can have public IP addresses. Defaults to false, which means VNICs created in this subnet will automatically be assigned public IP addresses unless specified otherwise during instance launch or VNIC creation (with the `assignPublicIp` flag in CreateVnicDetails). If `prohibitPublicIpOnVnic` is set to true, VNICs created in this subnet cannot have public IP addresses (that is, it's a private subnet). Example: `true`	`boolean`	No	-	-
`routeTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the route table that the subnet uses.	`string`	No	-	-
`securityListIds`	The OCIDs of the security list or lists that the subnet uses. Remember that security lists are associated with the subnet, but the rules are applied to the individual VNICs in the subnet.	`list[string]`	No	-	-
`status`	-	`object`	Yes	-	-
`subnetDomainName`	The subnet's domain name, which consists of the subnet's DNS label, the VCN's DNS label, and the `oraclevcn.com` domain. For more information, see DNS in Your Virtual Cloud Network (https://docs.oracle.com/iaas/Content/Network/Concepts/dns.htm). Example: `subnet123.vcn1.oraclevcn.com`	`string`	No	-	-
`timeCreated`	The date and time the subnet was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN the subnet is in.	`string`	No	-	-
`virtualRouterIp`	The IP address of the virtual router. Example: `10.0.14.1`	`string`	No	-	-
`virtualRouterMac`	The MAC address of the virtual router. Example: `00:00:00:00:00:01`	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶

Field	Description	Type	Required	Default	Enum
`lastTransitionTime`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`reason`	-	`string`	No	-	-
`status`	-	`string`	Yes	-	-
`type`	-	`string`	Yes	-	-

Vcn¶

Vcn is the Schema for the vcns API.

Plural: vcns
Scope: Namespaced
APIVersion: core.oracle.com/v1beta1
Sample: Sample (config/samples/core_v1beta1_vcn.yaml)
Packages: Core Networking (v2.0.0-alpha)

Spec¶

VcnSpec defines the desired state of Vcn.

Field	Description	Type	Required	Default	Enum
`byoipv6CidrDetails`	The list of BYOIPv6 OCIDs and BYOIPv6 prefixes required to create a VCN that uses BYOIPv6 address ranges.	`list[object]`	No	-	-
`cidrBlock`	Deprecated. Do not set this value. Use `cidrBlocks` instead. Example: `10.0.0.0/16`	`string`	No	-	-
`cidrBlocks`	The list of one or more IPv4 CIDR blocks for the VCN that meet the following criteria: - The CIDR blocks must be valid. - They must not overlap with each other or with the on-premises network CIDR block. - The number of CIDR blocks must not exceed the limit of CIDR blocks allowed per VCN. Important: Do not specify a value for `cidrBlock`. Use this parameter instead.	`list[string]`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment to contain the VCN.	`string`	Yes	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`dnsLabel`	A DNS label for the VCN, used in conjunction with the VNIC's hostname and subnet's DNS label to form a fully qualified domain name (FQDN) for each VNIC within this subnet (for example, `bminstance1.subnet123.vcn1.oraclevcn.com`). Not required to be unique, but it's a best practice to set unique DNS labels for VCNs in your tenancy. Must be an alphanumeric string that begins with a letter. The value cannot be changed. You must set this value if you want instances to be able to use hostnames to resolve other instances in the VCN. Otherwise the Internet and VCN Resolver will not work. For more information, see DNS in Your Virtual Cloud Network (https://docs.oracle.com/iaas/Content/Network/Concepts/dns.htm). Example: `vcn1`	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`ipv6PrivateCidrBlocks`	The list of one or more ULA or Private IPv6 prefixes for the VCN that meets the following criteria: - The CIDR blocks must be valid. - Multiple CIDR blocks must not overlap each other or the on-premises network prefix. - The number of CIDR blocks must not exceed the limit of IPv6 prefixes allowed to a VCN. Important: Do not specify a value for `ipv6CidrBlock`. Use this parameter instead.	`list[string]`	No	-	-
`isIpv6Enabled`	Whether IPv6 is enabled for the VCN. Default is `false`. If enabled, Oracle will assign the VCN a IPv6 /56 CIDR block. You may skip having Oracle allocate the VCN a IPv6 /56 CIDR block by setting isOracleGuaAllocationEnabled to `false`. For important details about IPv6 addressing in a VCN, see IPv6 Addresses (https://docs.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). Example: `true`	`boolean`	No	-	-
`isOracleGuaAllocationEnabled`	Specifies whether to skip Oracle allocated IPv6 GUA. By default, Oracle will allocate one GUA of /56 size for an IPv6 enabled VCN.	`boolean`	No	-	-
`isZprOnly`	Indicates whether ZPR Only mode is enforced.	`boolean`	No	-	-
`securityAttributes`	Security attributes (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/zpr-artifacts.htm#security-attributes) are labels for a resource that can be referenced in a Zero Trust Packet Routing (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/overview.htm) (ZPR) policy to control access to ZPR-supported resources. Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}`	`map[string, map[string, string]]`	No	-	-

Spec.byoipv6CidrDetails[]¶

Back to Vcn spec

VcnByoipv6CidrDetail defines nested fields for Vcn.Byoipv6CidrDetail.

Field	Description	Type	Required	Default	Enum
`byoipv6RangeId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the `ByoipRange` resource to which the CIDR block belongs.	`string`	Yes	-	-
`ipv6CidrBlock`	An IPv6 prefix required to create a VCN with a BYOIP prefix. It could be the whole prefix identified in `byoipv6RangeId`, or a subrange. Example: `2001:0db8:0123::/48`	`string`	Yes	-	-

Status¶

VcnStatus defines the observed state of Vcn.

Field	Description	Type	Required	Default	Enum
`byoipv6CidrBlocks`	The list of BYOIPv6 prefixes required to create a VCN that uses BYOIPv6 ranges.	`list[string]`	No	-	-
`cidrBlock`	Deprecated. The first CIDR IP address from cidrBlocks. Example: `172.16.0.0/16`	`string`	No	-	-
`cidrBlocks`	The list of IPv4 CIDR blocks the VCN will use.	`list[string]`	No	-	-
`compartmentId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment containing the VCN.	`string`	No	-	-
`defaultDhcpOptionsId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) for the VCN's default set of DHCP options.	`string`	No	-	-
`defaultRouteTableId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) for the VCN's default route table.	`string`	No	-	-
`defaultSecurityListId`	The OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm) for the VCN's default security list.	`string`	No	-	-
`definedTags`	Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`	`map[string, map[string, string]]`	No	-	-
`displayName`	A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.	`string`	No	-	-
`dnsLabel`	A DNS label for the VCN, used in conjunction with the VNIC's hostname and subnet's DNS label to form a fully qualified domain name (FQDN) for each VNIC within this subnet (for example, `bminstance1.subnet123.vcn1.oraclevcn.com`). Must be an alphanumeric string that begins with a letter. The value cannot be changed. The absence of this parameter means the Internet and VCN Resolver will not work for this VCN. For more information, see DNS in Your Virtual Cloud Network (https://docs.oracle.com/iaas/Content/Network/Concepts/dns.htm). Example: `vcn1`	`string`	No	-	-
`freeformTags`	Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags (https://docs.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`	`map[string, string]`	No	-	-
`id`	The VCN's Oracle ID (OCID (https://docs.oracle.com/iaas/Content/General/Concepts/identifiers.htm)).	`string`	No	-	-
`ipv6CidrBlocks`	For an IPv6-enabled VCN, this is the list of IPv6 prefixes for the VCN's IP address space. The prefixes are provided by Oracle and the sizes are always /56.	`list[string]`	No	-	-
`ipv6PrivateCidrBlocks`	For an IPv6-enabled VCN, this is the list of Private IPv6 prefixes for the VCN's IP address space.	`list[string]`	No	-	-
`isZprOnly`	Indicates whether ZPR Only mode is enforced.	`boolean`	No	-	-
`lifecycleState`	The VCN's current state.	`string`	No	-	-
`securityAttributes`	Security attributes (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/zpr-artifacts.htm#security-attributes) are labels for a resource that can be referenced in a Zero Trust Packet Routing (https://docs.oracle.com/iaas/Content/zero-trust-packet-routing/overview.htm) (ZPR) policy to control access to ZPR-supported resources. Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}`	`map[string, map[string, string]]`	No	-	-
`status`	-	`object`	Yes	-	-
`timeCreated`	The date and time the VCN was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). Example: `2016-08-25T21:10:29.600Z`	`string`	No	-	-
`vcnDomainName`	The VCN's domain name, which consists of the VCN's DNS label, and the `oraclevcn.com` domain. For more information, see DNS in Your Virtual Cloud Network (https://docs.oracle.com/iaas/Content/Network/Concepts/dns.htm). Example: `vcn1.oraclevcn.com`	`string`	No	-	-

Status.status¶

Field	Description	Type	Required	Default	Enum
`async`	Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.	`object`	No	-	-
`conditions`	-	`list[object]`	No	-	-
`createdAt`	-	`string (date-time)`	No	-	-
`deletedAt`	-	`string (date-time)`	No	-	-
`message`	-	`string`	No	-	-
`ocid`	-	`string`	No	-	-
`opcRequestId`	OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact.	`string`	No	-	-
`reason`	-	`string`	No	-	-
`requestedAt`	-	`string (date-time)`	No	-	-
`updatedAt`	-	`string (date-time)`	No	-	-

Status.status.async¶

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field	Description	Type	Required	Default	Enum
`current`	-	`object`	No	-	-

Status.status.async.current¶

Field	Description	Type	Required	Default	Enum
`message`	-	`string`	No	-	-
`normalizedClass`	-	`string`	Yes	-	`attention`, `canceled`, `failed`, `pending`, `succeeded`, `unknown`
`percentComplete`	-	`number`	No	-	-
`phase`	-	`string`	Yes	-	`create`, `delete`, `update`
`rawOperationType`	-	`string`	No	-	-
`rawStatus`	-	`string`	No	-	-
`source`	-	`string`	Yes	-	`lifecycle`, `none`, `workrequest`
`updatedAt`	-	`string (date-time)`	Yes	-	-
`workRequestId`	-	`string`	No	-	-

Status.status.conditions[]¶