Documentation Index
Fetch the complete documentation index at: https://www.truefoundry.com/llms.txt
Use this file to discover all available pages before exploring further.
A2AFramework
Type
Path to the agent card JSON, relative to the base URL
Account
Account manifest
AccountInfo
ActivateUserResponse
Union, One Of:AddonComponent
unsupported_cluster_types
typing_extensions.Annotated[(typing.Optional[typing.List[ClusterType]], Any, Any)]
π RecommendationRecommendations
Addon metadata. autopilotEnabled is true when the backing addon application has autopilot enabled; otherwise false.
AddOnComponentSource
Repository URL of the source
Chart of the source
AddonComponentStatus
Indicates whether the addon is installed
AgentFramework
Union, One Of:AgentManifest
Union, One Of:AgentSkill
AgentSkillManifest
Name of the skill.
Key value metadata. Should be valid JSON. For e.g.
\{"business-unit": "sales", "quality": "good", "rating": 4.5\}Name of the ML Repo
Version of the entity
AgentSkillManifestSource
Union, One Of:AgentSkillSourceBlobStorage
1β1024 chars.
Storage URI of the blob storage object where the skill is stored.
AgentSkillSourceInline
Main body of SKILL.md file.
AgentSkillSourceLocal
Path to the skill root directory, including SKILL.md and related assets.
AgentSkillVersion
Unique identifier for the artifact version
Fully qualified name of the artifact version in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}:{version}β
π SubjectSubject (user, team, or service account) that created this artifact version
Timestamp when the artifact version was created
Timestamp when the artifact version was last updated
π AgentSkillManifestManifest containing metadata specific to this agent skill version
ID of the ML Repo that this artifact version belongs to
ID of the parent agent skill artifact that this version belongs to
AgentSource
Union, One Of:Ai21KeyAuth
The API key for AI21 authentication
Ai21Model
A descriptive name to identify this model integration in the UI
The AI21 model identifier (e.g., jamba-large, jamba-mini). This is the model name from AI21βs model catalog.
π ModelTypeSpecify the type of the AI21 model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
Ai21ProviderAccount
The name of the AI21 provider account
List of integrations that are associated with the AI21 provider account
π CollaboratorList of users who have access to this provider account
AiFeaturesSettings
Enable/Disable AI features. Other fields only apply when this is true
AI provider to use for AI features When TrueFoundry is selected, TrueFoundry will manage and provide the AI models for the features.
AktoGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. Akto guardrails can only be used for validation.
AktoGuardrailConfigConfig
The base URL of the Akto guardrails service (e.g. https://your-akto-host:port)
AktoTokenAuth
JWT token for authenticating with the Akto guardrails service
Alert
AlertConfig
Type
Name - 3 to 35 lower case characters long alphanumeric word, may contain - in between, cannot start with a number
π NotificationTargetForAlertRuleConfigure one or more notification targets where alerts will be sent. Each target specifies a notification channel (email or slack).
π PrometheusAlertRuleDefine one or more alert rules that specify the conditions to monitor, when to trigger alerts, and how they should be handled.
AlertConfigResource
π AlertConfigResourceTypeThe type of resource this alert config belongs to. Can be either an application or a cluster.
FQN of the resource this alert config belongs to.
AllDataAccessRule
Data access scope - access to all data with optional filters
π AllDataAccessRuleFiltersItemOptional filters to restrict data access (only applicable for all_data scope)
AllDataAccessRuleFiltersItem
Union, One Of:AmqpInputConfig
AMQP Queue URL of Subscriber
AMQP Queue Name
Wait timeout for long polling.
AmqpMetricConfig
Upper limit of the number of backlog messages the auto-scaler will try to maintain per replica. If you set this number to 10 and have 30 messages in the stream and one replica, the auto-scaler will scale the number of replicas to 3.
AmqpOutputConfig
AMQP Queue URL of Publisher
AMQP Routing Key to publish to.
AMQP Exchange Name
AnthropicKeyAuth
The API key for Anthropic authentication
AnthropicModel
A descriptive name to identify this model integration in the UI
The Anthropic model identifier (e.g., claude-3-5-sonnet-20241022, claude-3-opus-20240229, claude-3-haiku-20240307). This is the standard model name from Anthropicβs API documentation.
π ModelTypeSpecify the type of the Anthropic model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AnthropicProviderAccount
The name of the Anthropic provider account
List of integrations that are associated with the Anthropic provider account
π CollaboratorList of users who have access to this provider account
Application
π RecommendationRecommendations for this application
π AlertAlerts for this application
alerts_summary
typing_extensions.Annotated[(typing.Optional[typing.Dict[(str, typing.Any)]], Any, Any)]
application_debug_infos
typing_extensions.Annotated[(typing.Optional[typing.List[Any]], Any, Any)]
potential_problems
typing_extensions.Annotated[(typing.Optional[typing.List[ApplicationProblem]], Any, Any)]
ApplicationDebugInfo
ApplicationMetadata
ApplicationProblem
ApplicationsCancelDeploymentResponse
Deployment cancelled
ApplicationSet
Name of the application set.
π ApplicationSetComponentsItemArray of components with their specifications.
Template to be used for the application set.
Values to be used to render components for the application set.
Fully qualified name of the workspace
Flag to indicate if the template manifest should be converted to TrueFoundry manifest
ApplicationSetComponentsItem
Union, One Of:ApplyMlEntityResponse
π ApplyMlEntityResponseDataThe created or updated ML entity (model version, prompt version, agent skill version, artifact version, or data directory)
ApplyMlEntityResponseData
Union, One Of:Artifact
Unique identifier for the artifact
ID of the ML Repo that this artifact belongs to
π ArtifactTypeType of the artifact (e.g., βartifactβ, βmodelβ, βchat_promptβ, βagent-skillβ, βplotβ, βimageβ)
Name of the artifact (alphanumeric characters, hyphens, and underscores only, max 256 characters)
Fully qualified name of the artifact in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}β
π SubjectSubject (user, team, or service account) that created this artifact
Timestamp when the artifact was created
Timestamp when the artifact was last updated
π BaseArtifactVersionThe most recent version of this artifact
List of run step numbers where this artifact was created or updated
ArtifactManifest
Name of the artifact (alphanumeric characters, hyphens, and underscores only, max 256 characters)
Key value metadata. Should be valid JSON. For e.g.
\{"business-unit": "sales", "quality": "good", "rating": 4.5\}Name of the ML Repo that this artifact belongs to (must start and end with alphanumeric, 2-100 characters)
Version of the entity
Version alias is alternate, ideally human readable, version string to reference an artifact version. It should start with
v followed by alphanumeric and it can include . and - in between (e.g. v1.0.0, v1-prod, v3-dev, etc)Step/Epoch number in an iterative training loop the artifact version was created. Generally useful when logging a model version from a MLRepo Run
ID of the MLRepo Run that generated the artifact version
ArtifactManifestSource
Union, One Of:ArtifactPath
Local file or folder path
Relative path where the file or folder will be uploaded to in the artifact
ArtifactsCacheVolume
Storage class of the Volume where artifacts will be cached
Size of the Volume (in GB) where artifacts will be cached. Should be greater than twice the size of artifacts getting cached
ArtifactsDownload
π ArtifactsDownloadArtifactsItemList of artifacts to be cached
ArtifactsDownloadArtifactsItem
Union, One Of:ArtifactVersion
Unique identifier for the artifact version
Fully qualified name of the artifact version in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}:{version}β
π SubjectSubject (user, team, or service account) that created this artifact version
Timestamp when the artifact version was created
Timestamp when the artifact version was last updated
π ArtifactManifestManifest containing metadata for a generic artifact version
ID of the ML Repo that this artifact version belongs to
List of tags associated with this artifact version for filtering and organization
Optional human-readable version alias (e.g. v1.0.0)
Code snippet demonstrating how to use this artifact version
ID of the parent artifact that this version belongs to
AssistantMessage
Role of the message
π AssistantMessageContentText content for the assistant message
π ToolCallList of tool calls made by the assistant
Name of the assistant this message is from
AssistantMessageContent
Union, One Of:AssistantMessageContentOneItem
Union, One Of:AsyncProcessorSidecar
URL for the processor to invoke
Timeout for the invoke request in seconds
Image for the processor sidecar (This field will be deprecated in the future)
AsyncService
π AsyncServiceReplicasDeploy multiple instances of your pods to distribute incoming traffic across them, ensuring effective load balancing.
AsyncServiceAutoscaling
π AsyncServiceAutoscalingMetricsMetrics to use for the autoscaler
AsyncServiceAutoscalingMetrics
Union, One Of:- π SqsQueueMetricConfig
- π NatsMetricConfig
- π KafkaMetricConfig
- π CronMetric
- π AmqpMetricConfig
AsyncServiceReplicas
Union, One Of:AutoRotate
Rotation Interval in days after which the token will be rotated. Minimum value is 30.
Grace Period in days for which the token will be valid after rotation interval. Minimum value is 1.
Autoshutdown
The period to wait after the last received request before scaling the replicas to 0. This value should be high enough to allow for the replicas of the service to come up to avoid premature scaling down.
AwsAccessKeyAuth
AWS Access Key ID
AWS Secret Access Key for the user to authenticate with
AWS Session Token, only required when using temporary credentials
AwsAccessKeyBasedAuth
AWS access key ID that you want to use for authentication.
AWS access key secret that you want to use for authentication.
AwsAssumedRoleBasedAuth
ARN of the role you want to assume.
AwsBedrockApiKeyAuth
Your AWS Bedrock API key for authentication
AwsBedrockAssumedRoleBasedAuth
Optional external ID to use when assuming the role. This provides an added layer of security by ensuring only parties with the correct external ID can assume the role.
AwsBedrockGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π AwsBedrockGuardrailConfigAuthDataAuthentication data for the AWS account
π AwsBedrockGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests. Validate guardrails are run in parallel while mutate guardrails are run sequentially.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
AwsBedrockGuardrailConfigAuthData
Union, One Of:AwsBedrockGuardrailConfigConfig
The unique identifier of the Bedrock Guardrail created in AWS console
Version number of the guardrail to use (e.g., 2 for version 2)
AwsBedrockProviderAccount
The name of the AWS Bedrock provider account
π AwsBedrockProviderAccountAuthDataAuthentication data for the AWS account
π BedrockModelList of integrations that are associated with the AWS Bedrock provider account
π CollaboratorList of users who have access to this provider account
AwsBedrockProviderAccountAuthData
Union, One Of:AwsEcr
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the registry.
π AwsEcrAuthDataCustom authentication data for the integration.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AwsEcrAuthData
Union, One Of:AwsEksIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
Name of the cluster given in the cloud account.
π AwsEksIntegrationAuthDataCustom authentication data for the integration.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AwsEksIntegrationAuthData
Union, One Of:AwsInferentia
Name of the AWS Inferentia Accccelerator. One of [INF1, INF2]. This field is required for Node Selector and can be ignored in Nodepool Selector.
Count of Inferentia accelerator chips to provide to the application
AwsIntegrations
Union, One Of:AwsParameterStore
The name of the integration that will be displayed in the TrueFoundry UI.
π AwsParameterStoreAuthDataCustom authentication data for the integration.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
The ARN of the KMS key to use for encryption.
AwsParameterStoreAuthData
Union, One Of:AwsProviderAccount
The name of the AWS provider account.
The AWS account ID.
π AwsProviderAccountAuthDataAuthentication data for the AWS account.
π AwsIntegrationsList of integrations that are associated with the AWS provider account.
AwsProviderAccountAuthData
Union, One Of:AwsS3
The name of the integration that will be displayed in the TrueFoundry UI.
The S3 storage path in the format βs3://<bucket-name>/<optional-path-prefix>β. Works with S3-compatible storage providers like MinIO, Ceph, and DigitalOcean Spaces. Example: βs3://mybucketβ or βs3://mybucket/artifacts/productionβ.
π AwsS3AuthDataCustom authentication data for the integration.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AwsS3AuthData
Union, One Of:AwsSagemakerProviderAccount
The name of the Sagemaker provider account
π AwsSagemakerProviderAccountAuthDataAuthentication data for the AWS account
π SagemakerModelList of integrations that are associated with the Sagemaker provider account
π CollaboratorList of users who have access to this provider account
AwsSagemakerProviderAccountAuthData
Union, One Of:AwsSecretsManager
The name of the integration that will be displayed in the TrueFoundry UI.
π AwsSecretsManagerAuthDataCustom authentication data for the integration.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
The ARN of the KMS key to use for encryption.
AwsSecretsManagerAuthData
Union, One Of:AwsSqsAccessKeyBasedAuth
AWS access key ID that you want to use for authentication.
AWS access key secret that you want to use for authentication.
AwsSqsAssumedRoleBasedAuth
ARN of the role you want to assume.
AzureAksIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
The resource group of the cluster in the cloud account.
Name of the cluster given in the cloud account.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AzureBasicAuth
The username for the Azure managed identity.
The password for the Azure managed identity.
AzureBlobStorage
The name of the integration that will be displayed in the TrueFoundry UI.
The full Azure Blob Storage URL in the format βhttps://<storage-account-name>.blob.core.windows.net/<container-name>/<optional-path-prefix>β. Example: βhttps://mystorageaccount.blob.core.windows.net/mycontainerβ or βhttps://mystorageaccount.blob.core.windows.net/mycontainer/artifacts/productionβ.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AzureCertificateAuth
The Azure AD tenant ID where the application is registered
The Azure AD application (client) ID for service principal authentication
Certificate in PEM format (e.g., -----BEGIN CERTIFICATE----- β¦ -----END CERTIFICATE-----)
The base64url-encoded SHA-1 thumbprint of the certificate (x5t claim)
AzureConnectionStringAuth
The connection string for the Azure managed identity.
AzureContainerRegistry
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the registry.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AzureContentSafetyGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π AzureContentSafetyGuardrailConfigAuthDataAuthentication data for the Azure account
The operation type for this guardrail. Azure Content Safety guardrails can only be used for validation.
AzureContentSafetyGuardrailConfigAuthData
Union, One Of:AzureContentSafetyGuardrailConfigConfig
Name of your Azure Content Safety resource where the service is deployed (e.g., my-content-safety)
API version for the Content Safety API
Custom endpoint URL for the Content Safety API (optional, uses default Azure endpoint if not specified)
Names of custom blocklists created in Azure Content Safety to check text against. Leave empty if not using custom blocklists
Minimum severity level (0-6) to flag content. Higher values are more restrictive. 0=Safe, 2=Low risk, 4=Medium risk, 6=High risk
π AzureContentSafetyCategoryTypes of harmful content to detect: Hate (hate speech), SelfHarm (self-injury), Sexual (sexual content), Violence (violent content)
AzureFoundryModel
A descriptive name to identify this model integration in the UI
π AzureFoundryModelAuthDataAzure AI Foundry authentication credentials
π ModelTypeTypes of models supported by this Azure AI Foundry deployment
The model deployment name created in your Azure AI Foundry project. This is the deployment name you configured in Azure AI Foundry, not the base model name.
The Azure AI Foundry endpoint URL. Should look like https://{deployment}.{region}.models.ai.azure.com
The API version for the Azure Foundry model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AzureFoundryModelAuthData
Union, One Of:AzureFoundryProviderAccount
The name of the Azure AI Foundry provider account
π AzureFoundryModelList of integrations that are associated with the Azure Foundry provider account
π CollaboratorList of users who have access to this provider account
AzureIntegrations
Union, One Of:- π AzureAksIntegration
- π AzureContainerRegistry
- π AzureBlobStorage
- π AzureVault
- π AzureReposIntegration
AzureKeyAuth
The API key for Azure AI Foundry authentication
AzureOAuth
The Azure Active Directory tenant (directory) ID.
The client (application) ID of an App Registration in the tenant.
A client secret that was generated for the App Registration.
The ID of the target subscription. The value must be an UUID.
AzureOpenAiModel
A descriptive name to identify this model integration in the UI
The model deployment name created in your Azure OpenAI resource (e.g., gpt-4-deployment, gpt-35-turbo-deployment). This is NOT the base model name but the deployment name you configured in Azure.
The Azure OpenAI API version to use
The foundation model identifier (e.g., gpt-4o-2024-11-20)
π AzureOpenAiModelDeploymentTypeGlobal: worldwide processing; Data zone (US): US data zone processing; Data zone (EU): EU data zone processing; Standard: single-region processing
π ModelTypeSpecify the type of the Azure OpenAI model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AzureOpenAiProviderAccount
The name of the Azure OpenAI provider account
The Azure OpenAI Service endpoint URL. Should look like https://{resource-name}.openai.azure.com
π AzureOpenAiProviderAccountAuthDataAzure OpenAI authentication credentials
π AzureOpenAiModelList of integrations that are associated with the Azure OpenAI provider account
π CollaboratorList of users who have access to this provider account
AzureOpenAiProviderAccountAuthData
Union, One Of:AzurePiiGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π AzurePiiGuardrailConfigAuthDataAuthentication data for the Azure account
π AzurePiiGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests. Validate guardrails are run in parallel while mutate guardrails are run sequentially.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
AzurePiiGuardrailConfigAuthData
Union, One Of:AzurePiiGuardrailConfigConfig
Name of your Azure AI Language resource where the PII detection service is deployed (e.g., my-language-resource)
API version for the PII detection API
Custom endpoint URL for the PII detection API (optional, uses default Azure endpoint if not specified)
π AzurePiiGuardrailConfigConfigDomainSpecialized domain for PII detection. Use phi for PHI (Protected Health Information) or none for general text
π AzurePiiCategoryCategories of PII to detect.
Version of the PII detection model to use, use latest for the newest model or specify a specific version for consistency
Language code for PII detection (e.g., en for English)
AzurePromptShieldGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π AzurePromptShieldGuardrailConfigAuthDataAuthentication data for the Azure account
The operation type for this guardrail. Azure Prompt Shield guardrails can only be used for validation.
AzurePromptShieldGuardrailConfigAuthData
Union, One Of:AzurePromptShieldGuardrailConfigConfig
Name of your Azure Content Safety resource where the Prompt Shield service is deployed (e.g., my-content-safety)
API version for the Prompt Shield API
Custom endpoint URL for the Prompt Shield API (optional, uses default Azure endpoint if not specified)
AzureProviderAccount
The name of the Azure provider account.
The ID of the target subscription. The value must be an UUID.
π AzureIntegrationsList of integrations that are associated with the Azure provider account.
AzureReposIntegration
Account Name
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
AzureVault
The name of the integration that will be displayed in the TrueFoundry UI.
Name of key vault name.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
BaseArtifactVersion
Unique identifier for the artifact version
Fully qualified name of the artifact version in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}:{version}β
π SubjectSubject (user, team, or service account) that created this artifact version
Timestamp when the artifact version was created
Timestamp when the artifact version was last updated
ID of the ML Repo that this artifact version belongs to
BaseArtifactVersionManifest
Union, One Of:BaseAutoscaling
Minimum number of replicas to keep available
Maximum number of replicas allowed for the component.
This is the interval to check each trigger on.
BaseOAuth2Login
client ID for OAuth2.
Client secret or the TrueFoundry secret containing the client secret for OAuth2.
URL for the authorization request
The endpoint to exchange auth code for tokens.
List of scopes to request from the OAuth2 provider.
π BaseOAuth2LoginJwtSourceSource of the JWT token to be used for verification.
BaseRemoteAgent
The name of the Agent
The description of the Agent
Tags for the Agent
π CollaboratorList of users who have access to this Agent
BaseService
Name of the service. This uniquely identifies this service in the workspace. > Name can only contain alphanumeric characters and β-β and can be atmost 25 characters long
π BaseServiceImageSpecify whether you want to deploy a Docker image or build and deploy from source code
Configure environment variables to be injected in the service either as plain text or secrets. Docs
π BaseServiceMountsItemConfigure data to be mounted to service pod(s) as a string, secret or volume. Docs
Labels
Fully qualified name of the workspace
BaseServiceImage
Union, One Of:BaseServiceMountsItem
Union, One Of:BasetenKeyAuth
The API key for Baseten authentication
BasetenModel
A descriptive name to identify this model integration in the UI
The Baseten model identifier. This is the model name from Basetenβs model catalog.
π ModelTypeSpecify the type of the Baseten model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
BasetenProviderAccount
The name of the Baseten provider account
List of integrations that are associated with the Baseten provider account
π CollaboratorList of users who have access to this provider account
BaseWorkbenchInput
Name of the workbench. This uniquely identifies this workbench in the workspace. > Name can only contain alphanumeric characters and β-β and can be atmost 25 characters long
Size of the home directory for the workbench (Persistent Storage)
Configure environment variables to be injected in the service either as plain text or secrets. Docs
π BaseWorkbenchInputMountsItemConfigure data to be mounted to workbench pod(s) as a string, secret or volume. Docs
Fully qualified name of the workspace
BaseWorkbenchInputMountsItem
Union, One Of:BasicAuthCreds
Username for service auth - Username for the user to authenticate with
Password for service auth - Password for the user to authenticate with
BedrockModel
A descriptive name to identify this model integration in the UI
The AWS Bedrock model identifier or inference profile. Can be a foundation model ID (e.g., anthropic.claude-3-5-sonnet-20240620-v1:0, amazon.titan-text-express-v1), an inference profile ID (e.g., us.anthropic.claude-3-5-sonnet-20240620-v1:0), or an inference profile ARN (e.g., arn:aws:bedrock:us-east-1:123456789012:inference-profile/my-profile).
π ModelTypeSpecify the type of the Bedrock model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
BitbucketIntegration
Account Name
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
BitbucketProviderAccount
BlobStorageReference
Path to the content in blob storage
π MimeTypeMIME type of the content
BlueGreen
Promote the new release to handle the complete traffic. A manual promotion would be needed if this is disabled
Promote the new release to handle the complete traffic after waiting for these many seconds
BudgetAlert
List of usage percentages (0-100) at which alerts should be triggered. Default thresholds are [75, 90, 95, 100].
π NotificationTargetSelect where to send budget alert notifications
BudgetConfig
π BudgetRuleList of budget rules
BudgetRule
Unique identifier for the rule
Numeric limit value for the budget
Create separate budget rules for each unique value of the selected entity. For example, if βuserβ is selected, a separate budget rule will be created for each unique user making requests. Options: user, virtualaccount, model, or a metadata key (e.g., metadata.appId).
When enabled, requests exceeding the budget are tracked but not blocked
BudgetWhen
List of subjects that this rule applies to
List of models that this rule applies to
Metadata key-value pairs that this rule applies to
Build
FQN of the container registry. If you canβt find your registry here, add it through the Integrations page
π BuildBuildSourceSource code location.
π BuildBuildSpecInstructions to build a container image out of the build source
BuildBuildSource
Union, One Of:BuildBuildSpec
Union, One Of:BuildInfo
Status of the build: STARTED = 20, SUCCEEDED = 30, FAILED = 40
BuildSecret
The ID of the build secret.
The value of the build secret.
The name of the environment variable to inject the secret into.
Canary
π CanaryStepThese steps would be executed in order to enable shifting of traffic slowly from stable to canary version
CanaryStep
Percentage of total traffic to be shifted to the canary release. The rest will continue to go to the existing deployment
Duration for which to pause the release. The release process will wait for these seconds before proceeding to the next step. If this is not set, the step will pause indefinitely on this step
CartesiaApiKeyAuth
The API key for Cartesia authentication
CartesiaModel
A descriptive name to identify this model integration in the UI
The Cartesia model identifier (for example, sonic-2, sonic-multilingual)
π ModelTypeSpecify the type of the Cartesia model (text_to_speech or audio_transcription)
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
CartesiaProviderAccount
The name of the Cartesia provider account
Optional custom base URL for Cartesia API
π CartesiaProviderAccountCartesiaVersionThe Cartesia API version header. Must be set to a supported API version.
π CartesiaModelList of integrations that are associated with the Cartesia provider account
π CollaboratorList of users who have access to this provider account
CedarGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. Cedar guardrails can only be used for validation.
CedarGuardrailConfigConfig
Enter a Cedar policy string to define access control rules. Supports principal types (user, team, virtualaccount), MCPTool actions, MCPServer resources, and when/unless clauses, refer to Docs
CerebrasKeyAuth
The API key for Cerebras authentication
CerebrasModel
A descriptive name to identify this model integration in the UI
The Cerebras model identifier (e.g., llama-4-scout-17b-16e-instruct, llama3.1-70b). This is the standard model name from Cerebrasβs API documentation.
π ModelTypeSpecify the type of the Cerebras model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
CerebrasProviderAccount
The name of the Cerebras provider account
List of integrations that are associated with the Cerebras provider account
π CollaboratorList of users who have access to this provider account
ChangePasswordResponse
Union, One Of:ChatPromptManifest
Name of the prompt (alphanumeric characters, hyphens, and underscores only, max 256 characters)
Key value metadata. Should be valid JSON. For e.g.
\{"business-unit": "sales", "quality": "good", "rating": 4.5\}Name of the ML Repo that this prompt belongs to (must start and end with alphanumeric, 2-100 characters)
Version of the entity
Version alias is alternate, ideally human readable, version string to reference an artifact version. It should start with
v followed by alphanumeric and it can include . and - in between (e.g. v1.0.0, v1-prod, v3-dev, etc)π ChatPromptManifestMessagesItemList of messages in the chat conversation, must be non-empty
Variables referenced in messages and that can be replaced when running generation
π ToolSchemaList of tools to be used in the chat prompt
π ChatPromptManifestMcpServersItemA list of MCP servers FQNs or URLs and their tools
π ChatPromptManifestResponseFormatResponse format configuration for structured outputs
π ChatPromptManifestRoutingConfigConfiguration for routing requests to different model targets
π ChatPromptManifestCacheConfigCache configuration for the chat prompt
π McpServerToolDetailsMapping of tool calls to MCP server integration IDs and tool names
π SubAgentSub agents to be used in the chat prompt
ChatPromptManifestCacheConfig
Union, One Of:ChatPromptManifestMcpServersItem
Union, One Of:ChatPromptManifestMessagesItem
Union, One Of:ChatPromptManifestResponseFormat
Union, One Of:ChatPromptManifestRoutingConfig
Union, One Of:ClouderaModel
A descriptive name to identify this model integration in the UI
The unique identifier of the Model in Cloudera Model Registry. This is the model ID assigned when you registered or deployed your model in the CDP Model Registry
The model endpoint URL up to the API version v1. To get the base_url, copy the model endpoint URL and delete the last two path components
π ModelTypeSpecify the type of the Cloudera model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
ClouderaProviderAccount
The name of the Cloudera provider account
π ClouderaProviderAccountAuthDataCloudera authentication credentials
List of integrations that are associated with the Cloudera provider account
π CollaboratorList of users who have access to this provider account
ClouderaProviderAccountAuthData
Union, One Of:ClouderaTokenAuth
Pre-generated API token for Cloudera CDP authentication. You can generate this token using the CDP CLI or from your user profile settings. This token provides direct access to CDP services without requiring workload-specific authentication.
ClouderaWorkloadAuthToken
The base URL for CDP API services
The access key ID for your Cloudera CDP workload authentication.
The private key for your Cloudera CDP workload authentication.
The name of the CDP workload you want to authenticate with.
Cluster
ClusterGateway
ClusterManifest
Name - 3 to 35 lower case characters long alphanumeric word, may contain - in between, cannot start with a number
π ClusterManifestClusterTypeThe cluster type of this cluster
Tag the environment like dev, staging or production. You will need to create environments if you donβt have already.
One or more base URLs, which can be either a wildcard domain (resulting in app URLs like
\<app-name\>-\<workspace-name\>.\<base-domain-URL\>) or a non-wildcard domain (resulting in app URLs like \<base-domain-URL\>/\<app-name\>-\<workspace-name\>) > Read more about routing here and about βAβ record and domain mapping hereπ ClusterManifestMonitoringMonitoring
Cluster Default Registry
π ClusterManifestWorkbenchConfigWorkbench Config
Cluster Integration FQN
Workflow Storage Integration
π NodepoolAdd nodepools that are already created in your cluster. When deploying, applications can choose to schedule from these nodepools.
π ClusterManifestNodeLabelKeysThe node label keys that this cluster supports. Note: You will additionally need to add
truefoundry.com/gpu_type label for GPU-supported node pools. For more information, check out this documentation.π CollaboratorCollaborators who can access this cluster
ClusterManifestMonitoring
Cluster Loki URL
Cluster VictoriaLogs URL
Cluster Prometheus URL
Cluster Kubecost URL
ClusterManifestNodeLabelKeys
The nodepool selector label that this cluster supports
ClusterManifestWorkbenchConfig
The default storage class for the home directory of workbench
ClustersDeleteResponse
Success message
CodeSafetyLinterGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. Code Safety Linter guardrails can only be used for validation.
Codeserver
CohereKeyAuth
The API key for Cohere authentication
CohereModel
A descriptive name to identify this model integration in the UI
The Cohere model identifier (e.g., command-a-03-2025, command-r-03-2024, command-r-03-2024). This is the standard model id from Cohereβs model catalog.
π ModelTypeSpecify the type of the Cohere model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
CohereProviderAccount
The name of the Cohere provider account
List of integrations that are associated with the Cohere provider account
π CollaboratorList of users who have access to this provider account
Collaborator
Fully Qualified Name of the subject. eg: user:email or team:teamname
Role ID for the resource
CommonToolsSettings
Enable web search tool Allows model to search the web for information.
Enable code executor tool Allows model to execute code and return the results.
Enable sandbox executor tool Allows model to execute shell command in an isolated stateful sandbox environment.
Enable sequential thinking tool Allows model to reason step-by-step to solve complex problems.
Enable web scraping tool. Allows model to scrape content from web pages with intelligent format selection for structured or unstructured data.
ContainerTaskConfig
π ContainerTaskConfigImageSpecify whether you want to deploy a Docker image or build and deploy from source code
Configure environment variables to be injected in the task either as plain text or secrets. Docs
π ContainerTaskConfigMountsItemConfigure data to be mounted to Workflow pod(s) as a volume.
Service Account
ContainerTaskConfigImage
Union, One Of:ContainerTaskConfigMountsItem
Union, One Of:CoreNatsOutputConfig
Output NATS URL
Root subject of output NATS
CpuUtilizationMetric
Percentage of cpu request averaged over all replicas which the autoscaler should try to maintain
CreateDockerRepositoryResponse
CreateMultiPartUploadRequest
ID of the artifact version to upload files to
Relative path within the artifact version where the file should be uploaded
Number of parts to split the upload into for multipart upload
CreatePersonalAccessTokenResponse
Personal Access Token
CronMetric
Desired number of replicas during the given interval. Default value is max_replicas.
Cron expression indicating the start of the cron schedule.
* * * * * | | | | | | | | | |___ day of week (0-6) (Sunday is 0) | | | |_____ month (1-12) | | |_______ day of month (1-31) | |_________ hour (0-23) |___________ minute (0-59)Cron expression indicating the end of the cron schedule.
* * * * * | | | | | | | | | |___ day of week (0-6) (Sunday is 0) | | | |_____ month (1-12) | | |_______ day of month (1-31) | |_________ hour (0-23) |___________ minute (0-59)Timezone against which the cron schedule will be calculated, e.g. βAsia/Tokyoβ. Default is machineβs local time. https://docs.truefoundry.com/docs/list-of-supported-timezones
CustomAgentServerAuth
Union, One Of:CustomBasicAuth
The username for the basic authentication.
The password for the basic authentication.
CustomBearerAuth
The bearer token for the custom bearer authentication.
CustomBlobStorage
The name of the integration that will be displayed in the TrueFoundry UI.
The endpoint of the storage provider.
The S3-compatible storage path in the format βs3://<bucket-name>/<optional-path-prefix>β. Works with S3-compatible storage providers like MinIO, Ceph, and DigitalOcean Spaces. Example: βs3://mybucketβ or βs3://mybucket/artifacts/productionβ.
The region where the storage is located.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
CustomEndpoint
A descriptive name to identify this endpoint in the UI
The target base URL to proxy requests to (e.g., https://my-service.example.com/v1)
Custom headers forwarded to the upstream endpoint with every request. For example:
\{"X-Custom-Header": "value"\}List of subjects that are authorized to access this endpoint. List of user fqn in format <user_type>:<username>.
CustomEndpointProviderAccount
The name of the custom endpoint provider account.
π CustomEndpointProviderAccountEndpointTypeThe type of service behind this endpoint (used for tracking purposes)
π CustomEndpointList of endpoint integrations associated with this provider account.
π CollaboratorCollaborators
CustomFramework
Type
CustomGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π CustomGuardrailConfigAuthDataAuthentication data for the Guardrail Server.
π CustomGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests. Validate guardrails are run in parallel while mutate guardrails are run sequentially.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
π CustomGuardrailConfigTargetSpecify whether the guardrail should be applied to the request or response. Guardrails with target βRequestβ can be only used in input guardrails and guardrails with target βResponseβ can only be used in output guardrails.
CustomGuardrailConfigAuthData
Union, One Of:CustomGuardrailConfigConfig
The URL of the Guardrail to send a post request to.
Headers for the Guardrail Server. Forwarded to the Guardrail Server as is. For example:
\{"Authorization": "APIKey \<token\>"\}The config for the Guardrail Server. This is a JSON object that will be sent as a config to Guardrail Server along with the request.
CustomHeaderAuth
Headers passed to the generic secret server with every request.
CustomHelmRepo
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the Helm Repo.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
CustomIntegrations
Union, One Of:- π CustomUsernamePasswordArtifactsRegistry
- π EmailNotificationChannel
- π CustomHelmRepo
- π CustomBlobStorage
- π CustomJwtAuthIntegration
- π GenericSecretStoreIntegration
CustomJwtAuthIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
The base URL of the authentication provider.
The JSON Web Key Set URI for JWT verification.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
CustomProviderAccount
The name of the provider account.
π CustomIntegrationsList of integrations that are associated with the provider account.
CustomRegexPattern
A custom regex pattern to match against content (e.g., β\b\d{3}-\d{2}-\d{4}\bβ for SSN)
Text to use when redacting matched content (only applicable in mutate mode). Defaults to β[REDACTED]β.
CustomServerHeaderAuth
CustomServerPassthrough
CustomTlsSettings
When set to true, it will reject any connection which is not authorized with the list of supplied CAs.
Add custom CA certificates to use for TLS verification.
CustomUsernamePasswordArtifactsRegistry
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the registry.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
DataAccessRule
Union, One Of:DataAccessRuleBase
Unique identifier for the rule
Description of the rule
Whether this rule is enabled
List of subjects that this rule applies to (users, teams, roles)
π GatewayDataTypeList of data types that this rule applies to
DatabricksApiKeyAuth
API key for Databricks authentication.
DatabricksJobTaskConfig
π DatabricksJobTaskConfigImageSpecify the image spec for the task
Databricks workspace URL, e.g. https://<workspace>.cloud.databricks.com
The Databricks job ID to run (from Databricks workspace Jobs).
Service Account
Optional parameters to pass to the job run (e.g. notebook params, jar params).
Maximum seconds to wait for the job run to complete. Used by CLI when polling.
If false, the task waits for the Databricks job run to complete (trigger and poll). If true, only triggers the job and returns. Default false.
Configure environment variables to be injected in the task either as plain text or secrets. Docs
DatabricksJobTaskConfigImage
Union, One Of:DatabricksModel
A descriptive name to identify this model integration in the UI
The serving endpoint name configured in your Databricks workspace. This is the endpoint you created in Databricks Model Serving, not the underlying model name.
π ModelTypeSpecify the type of the Databricks model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
DatabricksProviderAccount
The name of the Databricks provider account
π DatabricksProviderAccountAuthDataDatabricks authentication credentials
The base URL of your Databricks workspace
List of integrations that are associated with the Databricks provider account
π CollaboratorList of users who have access to this provider account
DatabricksProviderAccountAuthData
Union, One Of:DatabricksServicePrincipalAuth
OAuth secret of the Databricks service principal.
Client ID or Application ID of the Databricks service principal.
DataDirectory
Unique identifier for the data directory
ID of the ML Repo that this data directory belongs to
Name of the data directory
Fully qualified name of the data directory
π SubjectSubject (user, team, or service account) that created this data directory
Timestamp when the data directory was created
Timestamp when the data directory was last updated
π DataDirectoryManifestManifest containing metadata for the data directory
Code snippet demonstrating how to use this data directory
DataDirectoryManifest
Name of the data directory
Name of the ML Repo to create the data directory under
Description for the data directory
Key Value metadata. Should be valid JSON. For e.g.
\{"business-unit": "sales", "quality": "good", "rating": 4.5\}DataDirectoryManifestSource
Union, One Of:DeactivateUserResponse
Union, One Of:DeepgramApiKeyAuth
The API key for Deepgram authentication
DeepgramModel
A descriptive name to identify this model integration in the UI
The Deepgram model identifier (for example, nova-2, nova-2-general, aura-asteria-en)
π ModelTypeSpecify the type of the Deepgram model (text_to_speech or audio_transcription)
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
DeepgramProviderAccount
The name of the Deepgram provider account
Optional custom base URL for Deepgram API
π DeepgramModelList of integrations that are associated with the Deepgram provider account
π CollaboratorList of users who have access to this provider account
DeepinfraKeyAuth
The API key for DeepInfra authentication
DeepinfraModel
A descriptive name to identify this model integration in the UI
The DeepInfra model identifier (e.g., meta-llama/Llama-3.3-70B-Instruct-Turbo, mistralai/Mistral-Small-24B-Instruct-2501). This is the full model path from DeepInfraβs model catalog.
π ModelTypeSpecify the type of the DeepInfra model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
DeepinfraProviderAccount
The name of the DeepInfra provider account
List of integrations that are associated with the DeepInfra provider account
π CollaboratorList of users who have access to this provider account
DeleteApplicationResponse
Application deletion message
DeleteJobRunResponse
Job run deleted
DeletePersonalAccessTokenResponse
Union, One Of:DeleteSecretGroupResponse
Union, One Of:DeleteTeamResponse
Union, One Of:DeleteUserResponse
Union, One Of:DeleteVirtualAccountResponse
Union, One Of:Deployment
deployment_builds
typing_extensions.Annotated[(typing.Optional[typing.List[BuildInfo]], Any, Any)]
deployment_statuses
typing_extensions.Annotated[(typing.Optional[typing.List[DeploymentStatus]], Any, Any)]
applied_recommendations
typing_extensions.Annotated[(typing.Optional[typing.List[Recommendation]], Any, Any)]
DeploymentBuild
DeploymentManifest
Union, One Of:- π Service
- π AsyncService
- π Job
- π Notebook
- π Codeserver
- π SshServer
- π RStudio
- π Helm
- π Volume
- π ApplicationSet
- π Workflow
- π SparkJob
- π Intercept
DeploymentStatus
DeveloperMessage
The role of the messages author, in this case developer.
π DeveloperMessageContentThe contents of the developer message.
An optional name for the participant.
DeveloperMessageContent
Union, One Of:DockerFileBuild
The file path of the Dockerfile relative to project root path.
Build context path for the Dockerfile relative to project root path.
π DockerFileBuildCommandOverride the command to run when the container starts When deploying a Job, the command can be templatized by defining
params and referencing them in command E.g. python main.py --learning_rate \{\{learning_rate\}\}Build arguments to pass to docker build
π BuildSecretBuild secrets you can use in run statements inside dockerfile like RUN βmount=type=secret,id=pip_index_url β¦ you can learn more about build secrets here https://www.truefoundry.com/docs/docker-build-secrets
DockerFileBuildCommand
Union, One Of:DockerhubBasicAuth
DockerhubProviderAccount
3 to 36 lower case characters long alphanumeric word, may contain - in between, cannot start with a number
Account Name
DockerhubRegistry
The name of the integration that will be displayed in the TrueFoundry UI.
Registry URL
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
DynamicVolumeConfig
Volume Type for the volume.
Name of the storage class to be used for the volume.
Size of volume in Gi
ElevenLabsApiKeyAuth
The XI API key for ElevenLabs authentication
ElevenLabsModel
A descriptive name to identify this model integration in the UI
The ElevenLabs model identifier (for example, eleven_multilingual_v2, eleven_turbo_v2_5)
π ModelTypeSpecify the type of the ElevenLabs model (text_to_speech or audio_transcription)
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
ElevenLabsProviderAccount
The name of the ElevenLabs provider account
Optional custom base URL for ElevenLabs API
π ElevenLabsModelList of integrations that are associated with the ElevenLabs provider account
π CollaboratorList of users who have access to this provider account
Specify the notification channel to send alerts to
List of recipientsβ email addresses if the notification channel is Email.
EmailNotificationChannel
The name of the integration that will be displayed in the TrueFoundry UI.
The email address from which the email will be sent.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
EmptyResponse
Union, One Of:Endpoint
Host e.g. ai.example.com, app.truefoundry.com
Path e.g. /v1/api/ml/, /v2/docs/
EnkryptAiGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π EnkryptAiGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests. Validate guardrails are run in parallel while mutate guardrails are run sequentially.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
EnkryptAiGuardrailConfigConfig
The name of the guardrail to use for the Enkrypt AI Guardrail.
EnkryptAiKeyAuth
The API key for Enkrypt AI authentication
Environment
EnvironmentColor
EnvironmentManifest
Environment Name
Event
Name of the event
Type of the event
Number of occurrences of the event
Reason for the event
Message describing the event
Namespace of the event
π EventChartChart of the event
EventChart
EventInvolvedObject
ExactMatchCacheConfig
Cache namespace (defaults to βdefaultβ if not provided)
Time-to-live for cached entries in seconds (max 3 days)
ExternalBlobStorageSource
URI referencing a path in the blob storage bucket linked to the MLRepo
FastAiFramework
FiddlerGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. Fiddler guardrails can only be used for validation.
FiddlerGuardrailConfigConfig
Confidence threshold (0.0-1.0) for flagging content. Content scoring above the threshold will be flagged
FiddlerKeyAuth
API key for the Fiddler account
FileInfo
Relative path of the file or directory within the artifact version
Whether this path represents a directory (true) or a file (false)
Size of the file in bytes (only present for files, not directories)
Pre-signed URL to download the file directly (only present for files)
Timestamp when the file was last modified
FlyteLaunchPlan
FlyteLaunchPlanId
resource_type
typing_extensions.Annotated[(typing.Literal[Any], Any, Any)]
default:"LAUNCH_PLAN"
required
FlyteLaunchPlanSpec
FlyteTask
FlyteTaskCustom
FlyteTaskCustomTruefoundry
Union, One Of:FlyteTaskId
FlyteTaskTemplate
FlyteWorkflow
FlyteWorkflowId
resource_type
typing_extensions.Annotated[(typing.Literal[Any], Any, Any)]
default:"WORKFLOW"
required
FlyteWorkflowTemplate
ForwardAction
Service uri to redirect to. This is the kubernetes fully qualified domain name that the target service can be reached on Eg - For a service called
sample-service in workspace ws this would be `sample-service.ws.svc.cluster.localPort to redirect the service traffic to
Function
Name of the tool/function being called
Arguments passed to the tool/function
FunctionSchema
Name of the function
Description of the function
Parameters schema for the function
Indicates if the function should be called strictly
GatewayConfig
Union, One Of:- π RateLimitConfig
- π LoadBalancingConfig
- π GuardrailsConfig
- π BudgetConfig
- π GatewayOtelConfig
- π GatewayMetadataConfig
- π GatewayLoggingConfig
- π GlobalSettings
- π GatewayDataAccessConfig
- π GatewayDataRoutingConfig
GatewayConfiguration
GatewayDataAccessConfig
π DataAccessRuleList of data access rules
GatewayDataCreatedByFilter
Filter type
Comparison operator
List of subjects (users, virtual accounts, teams) to filter by
GatewayDataMetadataFilter
Filter type
Metadata key to filter on
Comparison operator
Values to match against
GatewayDataRoutingConfig
Type of configuration
π GatewayDataRoutingConfigDestinationList of conditional routing destinations
GatewayDataRoutingConfigDestination
Name for the destination
Whether this destination is enabled
Description of the destination
π GatewayDataRoutingConfigDestinationConditionConditions that must be met to use this destination
GatewayDataRoutingConfigDestinationCondition
Union, One Of:- π GatewayDataRoutingConfigDestinationMetadataCondition
- π GatewayDataRoutingConfigDestinationCreatedByCondition
GatewayDataRoutingConfigDestinationControlPlaneManagedStorage
Type of storage configuration
π GatewayDataRoutingConfigDestinationControlPlaneManagedStorageRegionSpecifies the region where control planeβmanaged storage is located.
GatewayDataRoutingConfigDestinationCreatedByCondition
Field to evaluate the condition on
Operator to use for comparison
Value to compare against
GatewayDataRoutingConfigDestinationCustomerManagedStorage
Type of storage configuration
Storage Integration FQN to store traces and spans. A storage integration represents a connected blob storage like AWS S3 / Azure Blob Storage / Google Cloud Storage.
GatewayDataRoutingConfigDestinationMetadataCondition
Field to evaluate the condition on
Metadata key to match
Operator to use for comparison
Value to compare against
GatewayDataRoutingConfigDestinationStorage
π GatewayDataRoutingConfigDestinationStorageStorageStorage configuration for traces and spans
Number of days to retain traces (this does not affect metrics storage)
GatewayDataRoutingConfigDestinationStorageStorage
Union, One Of:- π GatewayDataRoutingConfigDestinationControlPlaneManagedStorage
- π GatewayDataRoutingConfigDestinationCustomerManagedStorage
GatewayLoggingConfig
Name of the logging configuration
π GatewayLoggingRuleList of logging rules
GatewayLoggingRule
Unique identifier for the rule
FQN of the tracing project to send logs to
GatewayLoggingWhen
List of subjects that this rule applies to
GatewayMetadataConfig
Name of the metadata configuration
π GatewayMetadataRuleList of metadata rules
GatewayMetadataRule
Unique identifier for the rule
Metadata key-value pairs to override in the request metadata
GatewayMetadataWhen
List of subjects that this rule applies to
GatewayOtelConfig
π GatewayOtelConfigOtelTracesExporterConfigSet this configuration to export LLM gateway OTEL traces to an external platform. Note that we only export OTEL traces via this configuration.
π GatewayOtelConfigOtelMetricsExporterConfigSet this configuration to export LLM gateway OTEL metrics to an external platform. Note that we only export OTEL metrics via this configuration.
GatewayOtelConfigOtelMetricsExporterConfig
Union, One Of:GatewayOtelConfigOtelTracesExporterConfig
Union, One Of:GatewayRequestMetadataFilter
GatewayRequestMetadataFilterValue
Union, One Of:GcpApiKeyAuth
GcpGcr
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the registry.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GcpGcs
The name of the integration that will be displayed in the TrueFoundry UI.
The Google Cloud Storage path in the format βgs://<bucket-name>/<optional-path-prefix>β. Example: βgs://mybucketβ or βgs://mybucket/artifacts/productionβ.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GcpGkeIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
Name of the cluster given in the cloud account.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GcpGsm
The name of the integration that will be displayed in the TrueFoundry UI.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GcpIntegrations
Union, One Of:GcpKeyFileAuth
π GcpKeyFileAuthKeyFileContentKey File Content - Key file content must be valid JSON
GcpKeyFileAuthKeyFileContent
Union, One Of:GcpProviderAccount
The name of the GCP provider account.
The project id of the GCP account.
π GcpIntegrationsList of integrations that are associated with the GCP provider account.
GcpTpu
Name of the TPU Type. One of -
tpu-v4-podslice (TPU v4, ct4p) - tpu-v5-lite-device (TPU v5e, ct5l) - tpu-v5-lite-podslice (TPU v5e, ct5lp) - tpu-v5p-slice (TPU v5p, ct5p)Topology of the TPU slices. Currently only single-host topology is supported. Please refer to TPUs on GKE docs Allowed Values: -
2x2x1 for tpu-v4-podslice - One of 1x1, 2x2, 2x4 for tpu-v5-lite-device and tpu-v5-lite-podslice - 2x2x1 for tpu-v5p-sliceGeminiModel
A descriptive name to identify this model integration in the UI
The Google Gemini model identifier (e.g., gemini-2.0-flash, gemini-2.0-flash-lite-preview-02-05, gemini-2.0-flash-lite-preview-02-05). This is the standard model name from Googleβs Gemini API documentation.
π ModelTypeSpecify the type of the Gemini model (e.g., chat, text, etc.)
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GenericSecretStoreIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
Base URL of the generic secret server.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GetAgentSkillResponse
π AgentSkillThe agent skill data
GetAgentSkillVersionResponse
π AgentSkillVersionThe agent skill version data
GetAlertsResponse
π AlertObject containing alert data grouped by alert name
GetApplicationDeploymentResponse
Deployment
GetApplicationResponse
Application
GetArtifactResponse
π ArtifactThe artifact data
GetArtifactVersionResponse
π ArtifactVersionThe artifact version data
GetAuthenticatedVcsurlResponse
GetAutoProvisioningStateResponse
State of auto-provisioning for the cluster.
GetChartsResponse
Step size
GetClusterResponse
π ClusterCluster
GetDataDirectoryResponse
π DataDirectoryThe data directory data
GetDockerRegistryCredentialsResponse
Docker registry FQN
Docker registry username
Docker registry password
GetEnvironmentResponse
π EnvironmentEnvironment
GetEventsResponse
GetJobRunResponse
π JobRunJobRun
GetLogsResponse
GetMlRepoResponse
π MlRepoML Repo
GetModelResponse
π ModelThe model data
GetModelVersionResponse
π ModelVersionThe model version data
GetOrCreatePersonalAccessTokenResponse
π VirtualAccountPersonal Access Token data
Personal Access Token
Whether the PAT was created (true) or already existed (false)
GetPromptResponse
π PromptThe prompt data
GetPromptVersionResponse
π PromptVersionThe prompt version data
GetSecretGroupResponse
π SecretGroupSecret Group
GetSecretResponse
Secret
GetSignedUrLsRequest
ID of the artifact version to get signed URLs for
List of relative file paths within the artifact version to get signed URLs for
π OperationOperation type for the signed URL (e.g., βREADβ or βWRITEβ)
GetSignedUrLsResponse
π SignedUrlList of signed URLs for the requested file paths
GetSuggestedDeploymentEndpointResponse
Host name
Path
π ClusterGatewayGateway configuration
GetTeamPermissionsResponse
π SubjectPermissionRole bindings for the team
GetTeamResponse
GetTokenForVirtualAccountResponse
Token for the virtual account
GetUserPermissionsResponse
π SubjectPermissionRole bindings for the user (including team-inherited)
GetUserResourcesResponse
π UserResourceResources where user is a collaborator
GetUserResponse
GetUserTeamsResponse
π UserTeamInfoTeams where user is a member, with their role
GetVirtualAccountResponse
π VirtualAccountVirtual Account
Virtual Account token (present only when creating a virtual account)
GetWorkspaceResponse
π WorkspaceWorkspace
GitHelmRepo
Git repository URL - Needs to be a valid URL.
Branch/Commit SHA/Tag of the git repo.
Path to the chart.
Helm values files for overriding values in the helm chart. The path is relative to the Path directory defined above
GithubIntegration
Account Name
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GithubProviderAccount
GitlabIntegration
Account Name
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GitlabProviderAccount
GitRepositoryExistsResponse
The flag if repository exists or not
The integration id of the repository
GitSource
The repository URL.
The commit SHA.
Selecting branch will select latest commit SHA of the branch.
GlobalSettings
GluonFramework
GoogleGeminiProviderAccount
The name of the Google Gemini provider account
π GeminiModelList of integrations that are associated with the Google Gemini provider account
π CollaboratorList of users who have access to this provider account
GoogleModelArmorApiKeyAuth
Google Cloud API key with Model Armor access
GoogleModelArmorGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π GoogleModelArmorGuardrailConfigAuthDataAuthentication credentials for Google Cloud Model Armor
π GoogleModelArmorGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
GoogleModelArmorGuardrailConfigAuthData
Union, One Of:GoogleModelArmorGuardrailConfigConfig
The Google Cloud project ID where Model Armor is enabled
The Model Armor template name that defines which filters and confidence thresholds to apply (e.g. my-template)
GoogleModelArmorKeyFileAuth
π GoogleModelArmorKeyFileAuthKeyFileContentThe JSON content of your Google Cloud service account key file with Model Armor permissions
GoogleModelArmorKeyFileAuthKeyFileContent
Union, One Of:GoogleVertexProviderAccount
The name of the Google Vertex provider account
The Google Cloud project ID where Vertex AI is enabled
π GoogleVertexProviderAccountAuthDataService account key JSON, or Workload Identity Federation file (workload-identity-federation-file) with external_account JSON (e.g. create-cred-config). https://docs.truefoundry.com/gateway/google-vertex
π VertexModelList of integrations that are associated with the Google Vertex provider account
π CollaboratorList of users who have access to this provider account
GoogleVertexProviderAccountAuthData
Union, One Of:Graph
Name
Description
Chart name
Chart params
GraySwanCygnalApiKeyAuth
GraySwan API key for Cygnal access
GraySwanCygnalGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. GraySwan Cygnal guardrails can only be used for validation.
GraySwanCygnalGuardrailConfigConfig
Optional override for the Cygnal monitor endpoint. Defaults to https://api.grayswan.ai/cygnal/monitor if not provided.
Custom policy IDs to use for monitoring. Rules from all policies are merged in order, with earlier policies taking precedence. If not provided, the default Basic Content Safety policy is applied, refer to Docs
Custom rule definitions for monitoring. Each key is a rule name and its value is the rule description, refer to Docs
π GraySwanCygnalGuardrailConfigConfigReasoningModeControls whether Cygnal uses internal reasoning steps before determining if content violates policy. βoffβ is fastest, βhybridβ adds moderate reasoning, βthinkingβ performs guided reasoning for highest quality.
GroqKeyAuth
The API key for Groq authentication
GroqModel
A descriptive name to identify this model integration in the UI
The Groq model identifier (e.g., llama-3.1-8b-instant, openai/gpt-oss-20b). This is the standard model id from Groqβs model catalog.
π ModelTypeSpecify the type of the Groq model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
GroqProviderAccount
The name of the Groq provider account
List of integrations that are associated with the Groq provider account
π CollaboratorList of users who have access to this provider account
GuardrailConfigGroup
The name of the Guardrail Config Group.
π CollaboratorList of users who have access to this Guardrail Config Group.
π GuardrailConfigIntegrationsList of Guardrail Configs, which are part of this Guardrail Config Group.
GuardrailConfigIntegrations
Union, One Of:- π OpenAiModerationsGuardrailConfig
- π AwsBedrockGuardrailConfig
- π CustomGuardrailConfig
- π AzurePiiGuardrailConfig
- π AzureContentSafetyGuardrailConfig
- π AzurePromptShieldGuardrailConfig
- π EnkryptAiGuardrailConfig
- π PaloAltoPrismaAirsGuardrailConfig
- π FiddlerGuardrailConfig
- π PangeaGuardrailConfig
- π PatronusGuardrailConfig
- π SecretDetectionGuardrailConfig
- π CodeSafetyLinterGuardrailConfig
- π SqlSanitizerGuardrailConfig
- π RegexGuardrailConfig
- π TfyContentModerationGuardrailConfig
- π TfyPiiGuardrailConfig
- π TfyPromptInjectionGuardrailConfig
- π CedarGuardrailConfig
- π OpaGuardrailConfig
- π GoogleModelArmorGuardrailConfig
- π GraySwanCygnalGuardrailConfig
- π AktoGuardrailConfig
- π TrojAiGuardrailConfig
Guardrails
List of guardrail names to apply to user input messages before processing.
List of guardrail names to apply to AI response messages before returning to user.
GuardrailsConfig
π GuardrailsRuleList of guardrail rules
GuardrailsRule
Unique identifier for the rule
Guardrail selectors of the guardrails to apply to the input (format: groupName/guardrailName)
Guardrail selectors of the guardrails to apply to the output (format: groupName/guardrailName)
Guardrail selectors of the guardrails to apply to the MCP tool pre invoke (format: groupName/guardrailName)
Guardrail selectors of the guardrails to apply to the MCP tool post invoke (format: groupName/guardrailName)
GuardrailsWhen
H2OFramework
HashicorpAppRoleAuth
AppRole role ID for Vault authentication.
AppRole secret ID for Vault authentication.
HashicorpProviderAccount
The name of the HashiCorp Vault provider account.
List of integrations that are associated with the HashiCorp Vault provider account.
HashicorpTokenAuth
Vault authentication token that you want to use for authentication.
HashicorpVaultIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the HashiCorp Vault server (e.g., https://vault.example.com:8200).
Mount path of the KV v2 engine vault to use for secrets.
π HashicorpVaultIntegrationAuthDataAuthentication data for the Vault integration.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
Namespace for vault operations, used for multi-tenancy in HashiCorp Vault Enterprise. Optional for open source Vault.
HashicorpVaultIntegrationAuthData
Union, One Of:HeaderMatch
Header name to match on
Header value to match on
HeaderRoutingConfig
Union, One Of:HeadersOverride
List of headers to remove from upstream request
HealthProbe
Time to wait after container has started before checking the endpoint
How often to check the endpoint
Time to wait for a response from the endpoint before considering it down
Number of successful responses from the endpoint before container is considered healthy
Number of consecutive failures before the container is considered down
Helm
Name of the Helm deployment. This will be set as the release name of the chart you are deploying.
Add labels to base argo app
π HelmSourceSource helm repository
Values file as block file
ignore_differences
typing_extensions.Annotated[(typing.Optional[typing.List[typing.Dict[(str, typing.Any)]]], Any, Any)]
Fully qualified name of the workspace
HelmRepo
Helm repository URL - Needs to be a valid URL.
FQN of the helm repo integration. If you canβt find your integration here, add it through the Integrations page
The helm chart name
Helm chart version
HelmSource
Union, One Of:HostedA2AAgent
Type of agent source
Agent Card URL for the A2A Agent
Headers to be sent with the request to the hosted A2A agent. Primarily used for authentication.
HttpError
Error Message
π HttpErrorCodeError code
Error details
HttpErrorCode
Union, One Of:HttpProbe
Request Type
Path to the health check endpoint
Listening port for the health check endpoint
Host name to connect to, defaults to the pod IP
Scheme to use for connecting to the host
HttpValidationError
HuggingfaceArtifactSource
Model ID of the artifact to be downloaded
Revision of the artifact to be downloaded
List of patterns to ignore while downloading the artifact
Environment variable which will contain the download path of the artifact
IChange
old_value
typing_extensions.Annotated[(typing.Optional[typing.Dict[(str, typing.Any)]], Any, Any)]
Image
The image URI. Specify the name of the image and the tag. If the image is in Dockerhub, you can skip registry-url (for e.g.
tensorflow/tensorflow). You can use an image from a private registry using Advanced fieldsFQN of the container registry. If you canβt find your registry here, add it through the Integrations page
π ImageCommandOverride the command to run when container starts. When deploying a Job, the command can be templatized by defining
params and referencing them in command E.g. python main.py --learning_rate \{\{learning_rate\}\}ImageCommand
Union, One Of:ImageContentPart
Type of the content part
π ImageContentPartImageUrlImage URL linking to the image
ImageContentPartImageUrl
π ImageContentPartImageUrlUrlImage URL linking to the image
Details
ImageContentPartImageUrlUrl
Union, One Of:InfraProviderAccount
Union, One Of:- π AwsProviderAccount
- π AzureProviderAccount
- π GcpProviderAccount
- π DockerhubProviderAccount
- π BitbucketProviderAccount
- π CustomProviderAccount
- π GithubProviderAccount
- π GitlabProviderAccount
- π JfrogProviderAccount
- π TtlProviderAccount
- π TrueFoundryProviderAccount
- π QuayProviderAccount
- π SlackProviderAccount
- π WebhookProviderAccount
- π PagerDutyProviderAccount
- π HashicorpProviderAccount
IngressControllerConfig
Ingress Class Name
Whether TLS is managed by the ingress controller. If enabled, the ingress object will have TLS configuration.
InlineSpecSource
π InlineSpecSourceOpenapiSpecThe OpenAPI specification as a JSON object or a JSON/YAML string.
InlineSpecSourceOpenapiSpec
Union, One Of:InNotInOperator
InputOutputBasedCostMetricValue
π PrivatePricingTierOptional volume-based pricing tiers for input tokens. Tokens up to the first tier use base rate above.
π PrivatePricingTierOptional volume-based pricing tiers for output tokens. Tokens up to the first tier use base rate above.
π PrivatePricingTierOptional volume-based pricing tiers for cache read tokens. Tokens up to the first tier use base rate above.
π PrivatePricingTierOptional volume-based pricing tiers for cache write tokens. Tokens up to the first tier use base rate above.
Intercept
Name of the service this intercept is for
InterceptRulesItem
Port of service to be intercepted
π InterceptRulesItemActionAction to take on succesful match
InterceptRulesItemAction
Union, One Of:InternalArtifactVersion
Unique identifier for the artifact version
Fully qualified name of the artifact version in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}:{version}β
π SubjectSubject (user, team, or service account) that created this artifact version
Timestamp when the artifact version was created
Timestamp when the artifact version was last updated
π ArtifactManifestManifest containing metadata for a generic artifact version
ID of the ML Repo that this artifact version belongs to
List of tags associated with this artifact version for filtering and organization
Optional human-readable version alias (e.g. v1.0.0)
Code snippet demonstrating how to use this artifact version
ID of the parent artifact that this version belongs to
Fully qualified name of the parent artifact (internal use only)
Total size of the artifact version in bytes (internal use only)
InternalListArtifactVersionsResponse
π InternalListArtifactVersionsResponseDataItemList of artifact versions and model versions with internal metadata
π PaginationPagination information including total count, offset, and limit
InternalListArtifactVersionsResponseDataItem
Union, One Of:InternalModelVersion
Unique identifier for the artifact version
Fully qualified name of the artifact version in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}:{version}β
π SubjectSubject (user, team, or service account) that created this artifact version
Timestamp when the artifact version was created
Timestamp when the artifact version was last updated
π ModelManifestManifest containing metadata specific to the model version
ID of the ML Repo that this artifact version belongs to
List of tags associated with this artifact version for filtering and organization
Optional human-readable version alias (e.g. v1.0.0)
Code snippet demonstrating how to use this artifact version
ID of the parent model that this version belongs to
π MetricList of metrics associated with this model version
Whether this model version is ready for deployment
Fully qualified name of the parent model (internal use only)
Total size of the model version in bytes (internal use only)
InviteUserResponse
IsClusterConnectedResponse
JfrogArtifactsRegistry
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the registry.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
JfrogBasicAuth
The username for the basic authentication.
The password for the basic authentication.
JfrogProviderAccount
The name of the provider account.
The name of the JFrog account.
List of integrations that are associated with the provider account.
Job
Name of the job
π JobImageSpecify whether you want to deploy a Docker image or build and deploy from source code
π JobTriggerSpecify the trigger
Trigger the job after deploy immediately
π ParamConfigure params and pass it to create different job runs
Configure environment variables to be injected in the service either as plain text or secrets. Docs
π JobAlertConfigure alerts to be sent when the job starts/fails/completes
Specify the maximum number of attempts to retry a job before it is marked as failed.
Job timeout in seconds.
Number of runs that can run concurrently
π JobMountsItemConfigure data to be mounted to job pod(s) as a string, secret or volume. Docs
Labels
Fully qualified name of the workspace
JobAlert
Specify the notification channel to send alerts to
List of recipientsβ email addresses if the notification channel is Email.
Send an alert when the job starts
Send an alert when the job fails
JobImage
Union, One Of:JobMountsItem
Union, One Of:JobRun
JobRun ID
JobRun Name
Duration of JobRun
Command
Error
π JobRunStatusStatus of JobRun
JobTrigger
Union, One Of:JobTriggerInput
π JobTriggerInputCommandCommand
Parameters used to populate template command
JobTriggerInputCommand
Union, One Of:JsonObjectResponseFormat
JsonSchema
Name of the schema
JsonSchemaResponseFormat
Jwt
JwtAuthConfig
FQN of the JWT Auth integration. If you canβt find your integration here, add it through the Integrations page
Enable login for the service
π JwtAuthConfigClaimsItemList of key-value pairs of claims to verify in the JWT token
List of paths that will bypass auth. needs to start with a forward slash(/) and should not contain wildcards(*)
JwtAuthConfigClaimsItem
KafkaInputConfig
βKafka Bootstrap servers - Comma separated list of Kafka brokers βhostname:portβ to connect to for bootstrapβ
Kafka topic to subscribe to
The name of the consumer group to join for dynamic partition assignment
TLS configuration for SASL authentication
Wait timeout for long polling.
KafkaMetricConfig
Upper limit of the number of backlog messages the auto-scaler will try to maintain per replica. If you set this number to 10 and have 30 messages in the stream and one replica, the auto-scaler will scale the number of replicas to 3.
KafkaOutputConfig
βKafka Bootstrap servers - Comma separated list of Kafka brokers βhostname:portβ to connect to for bootstrapβ
Kafka topic to publish to
TLS configuration for SASL authentication
KafkaSaslAuth
Username for SASL authentication
Password for SASL authentication
KerasFramework
Kustomize
Content of kustomization.yaml to perform kustomize operation. Please do not include the
resources section. It is filled in automaticallyAdditional kubernetes manifests to be included in the application
LatencyBasedLoadBalanceTarget
Target model or provider FQN
Status Codes for which the request will fallback to other targets. If the status code is not present in fallback_status_codes, it fails immediately.
Whether this target is a fallback candidate. If set to false, this model will not be considered as a fallback option for targets of this load-balance-rule
Optional parameters to override in the request
Optional metadata key-value pairs that must match incoming request metadata headers for this target to be considered for routing.
LatencyBasedLoadBalancing
π LatencyBasedLoadBalanceTargetList of targets for latency-based load balancing
LatencyBasedLoadBalancingRule
Unique identifier for the rule
LegacyAgentManifest
Type of the manifest
The name of the Agent
The description of the Agent
π CollaboratorList of users who have access to this Agent
π SampleAgentInputSample inputs for your agent. These inputs are shown as an example in the βAgent Chatβ page. (Click on Try Now in the agent listing page)
LightGbmFramework
ListAgentSkillsResponse
π AgentSkillList of agent skills matching the query
π PaginationPagination information
ListAgentSkillVersionsResponse
π AgentSkillVersionList of agent skill versions
π PaginationPagination information
ListApplicationDeploymentsResponse
Array of Deployments
π PaginationPagination information
ListApplicationsResponse
Array of Applications
π PaginationPagination information
ListArtifactsResponse
π ArtifactList of artifacts matching the query
π PaginationPagination information including total count, offset, and limit
ListArtifactVersionsResponse
π ArtifactVersionList of artifact versions matching the query
π PaginationPagination information including total count, offset, and limit
ListClusterAddonsResponse
π AddonComponentArray of Cluster Addons
π PaginationPagination information
ListClustersResponse
π ClusterArray of cluster
π PaginationPagination information
ListDataDirectoriesResponse
π DataDirectoryList of data directories matching the query
π PaginationPagination information including total count, offset, and limit
ListEnvironmentsResponse
π EnvironmentArray of Environments
π PaginationPagination information
ListFilesRequest
ID of the artifact version to list files from
Relative path within the artifact version to list files from (defaults to root)
Maximum number of files/directories to return
ListFilesResponse
π FileInfoList of files and directories in the artifact version
π TokenPaginationPagination information including page tokens for navigation
ListJobRunResponse
π JobRunJobRun History
π PaginationPagination Information
ListMlReposResponse
π MlRepoList of ML Repos matching the query
π PaginationPagination information including total count, offset, and limit
ListModelsResponse
π ModelList of models matching the query
π PaginationPagination information including total count, offset, and limit
ListModelVersionsResponse
π ModelVersionList of model versions matching the query
π PaginationPagination information including total count, offset, and limit
ListPersonalAccessTokenResponse
π VirtualAccountArray of Personal Access Tokens
π PaginationPagination Information
ListPromptsResponse
π PromptList of prompts matching the query
π PaginationPagination information including total count, offset, and limit
ListPromptVersionsResponse
π PromptVersionList of prompt versions matching the query
π PaginationPagination information including total count, offset, and limit
ListSecretGroupResponse
π SecretGroupArray of Secret Groups
π PaginationPagination information
ListSecretsResponse
Array of Secrets
π PaginationPagination Information
ListTeamsResponse
π PaginationPagination Information
ListUsersResponse
π PaginationPagination information
ListVirtualAccountResponse
π VirtualAccountArray of Virtual Accounts
π PaginationPagination Information
ListWorkspacesResponse
π WorkspaceArray of Workspace
π PaginationPagination information
LoadBalanceTarget
Target model or provider FQN
Relative weight for routing decisions (higher values mean more traffic)
Status Codes for which the request will fallback to other targets. If the status code is not present in fallback_status_codes, it fails immediately.
Whether this target is a fallback candidate. If set to false, this model will not be considered as a fallback option for targets of this load-balance-rule
Optional parameters to override in the request
Optional metadata key-value pairs that must match incoming request metadata headers for this target to be considered for routing.
LoadBalancingConfig
π LoadBalancingRuleList of load balancing rules
LoadBalancingRule
Union, One Of:- π WeightBasedLoadBalancingRule
- π LatencyBasedLoadBalancingRule
- π PriorityBasedLoadBalancingRule
LoadBalancingWhen
List of subjects that this rule applies to
List of models that this rule applies to
Metadata key-value pairs that this rule applies to
LocalArtifactSource
π ArtifactPathArray of ArtifactPath objects representing the source and destination paths
LocalModelSource
Path to the model file or folder
LocalSource
Local project root path.
run docker build locally
Log
Job Name
Log Content
Log Stream
Log Time
LoggingConfig
Whether logging is enabled for the chat prompt
The FQN of the tracing project where the logs will be stored
LoggingMode
Union, One Of:LoggingModeAlways
LoggingModeHeaderControlled
Sets the default body logging behaviour when no header is present. Enabling it will log requests by default and clients can opt out. Disabling it will NOT log by default and clients can opt in to log requests.
LoggingModeNever
LogsFilterQuery
π LogsFilterQueryTypequery filter type,
regex or substringπ LogsSearchOperatorTypeComparison operator for filter.
equal or not_equalLogsResponse
Manual
McpServerAuth
Union, One Of:McpServerEnvAuth
Map each env variable to its value. For shared, enter the actual value. For individual, use a placeholder that will be filled in by each user (e.g. API_KEY {{API_KEY}}).
π McpServerEnvAuthAuthLevelLevel at which this authentication will be applied. Values: global (default), per_user
McpServerHeaderAuth
Map each header name to its value. For shared, enter the actual value. For individual, use a placeholder that will be filled in by each user (e.g. Bearer {{API_KEY}}).
π McpServerHeaderAuthAuthLevelLevel at which this authentication will be applied. Values: global (default), per_user
McpServerHeaderOverrideAuth
McpServerIntegration
The name of the MCP Server.
Provide a brief description of the purpose of this MCP Server.
The endpoint URL for the MCP Server.
π McpServerIntegrationTransportThe transport protocol to use for communication with the MCP Server.
List of teams/users who can use this MCP server.
McpServerIntegrations
Union, One Of:McpServerManifest
Union, One Of:- π RemoteMcpServerManifest
- π VirtualMcpServerManifest
- π OpenApimcpServerManifest
- π StdioMcpServerManifest
McpServerOAuth2
OAuth2 authentication
π McpServerOAuth2GrantTypeThe OAuth2 grant type to use for authentication.
URL for the authorization request
The endpoint to exchange auth code for tokens.
client ID for OAuth2 or the TrueFoundry secret FQN containing the client ID.
Client secret or the TrueFoundry secret FQN containing the client secret for OAuth2.
URL for dynamic client registration (RFC 7591). If provided, client credentials will be obtained automatically using the Dynamic Client Registration (DCR) process.
List of supported PKCE code challenge methods (S256 only)
π McpServerOAuth2JwtSourceSource of the JWT token to be used for verification.
List of scopes to request from the OAuth2 provider.
McpServerPassthrough
McpServerProviderAccount
The name of the MCP Server Group.
π CollaboratorList of teams/users who can manage this MCP Server Group. These subjects can add new MCP server integrations, can edit existing ones and can also use the MCP server.
π McpServerIntegrationsList of MCP Servers, which are part of this MCP Server Group.
McpServerSource
Name of the MCP server
List of tools to enable from this source server.
McpServerToolDetails
The integration ID of the MCP server
The name of the tool in the MCP server
McpServerWithFqn
The FQN of the MCP server
The FQN of the MCP server
Whether to enable all tools from the MCP server
π McpToolThe tools to enable from the MCP server
McpServerWithUrl
The URL of the MCP server
The URL of the MCP server
The headers to send to the MCP server
Whether to enable all tools from the MCP server
π McpToolThe tools to enable from the MCP server
McpTool
The name of the tool as it appears in the MCP server
McpToolSetting
The unique name of the tool.
Describe what this tool does. This helps AI models understand when to use it.
Allows to disable the tool.
McpToolsOperator
McpToolTarget
Name of the MCP server
When enabled, all tools from this MCP server are targeted. Disable to select specific tools.
List of specific tools to target from this MCP server.
Metadata
Job Run Name Alias
Metric
Name of the metric
Value of the metric
Timestamp when the metric was recorded (epoch milliseconds)
Training step number when the metric was recorded
MirrorAction
Service uri to mirror to. This is the kubernetes fully qualified domain name that the target service can be reached on Eg - For a service called
sample-service in workspace ws this would be `sample-service.ws.svc.cluster.localPort to redirect the service traffic to
Percentage of requests to mirror
MistralAiKeyAuth
The API key for Mistral AI authentication
MistralAiModel
A descriptive name to identify this model integration in the UI
The Mistral AI model identifier (e.g., mistral-medium-2312, ministral-8b-2410). This is the API Endpoint name from Mistral AIβs model catalog.
π ModelTypeSpecify the type of the Mistral AI model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
MistralAiProviderAccount
The name of the Mistral AI provider account
List of integrations that are associated with the Mistral AI provider account
π CollaboratorList of users who have access to this provider account
MlRepo
Tenant Name
Created At
Experiment Id
Number of runs
Number of datasets
MlRepoManifest
Name of the ML Repo.
Description for the ML Repo.
Storage Integration to store artifacts and models. A storage integration represents a connected blob storage like AWS S3 / Azure Blob Storage / Google Cloud Storage.
π CollaboratorUsers and Teams that have access to MLRepo
Model
Unique identifier for the artifact
ID of the ML Repo that this artifact belongs to
Type of the artifact, always βmodelβ for Model entities
Name of the artifact (alphanumeric characters, hyphens, and underscores only, max 256 characters)
Fully qualified name of the artifact in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}β
π SubjectSubject (user, team, or service account) that created this artifact
Timestamp when the artifact was created
Timestamp when the artifact was last updated
π ModelVersionThe most recent version of this model
List of run step numbers where this artifact was created or updated
ModelConfiguration
Name of the provider, must be one of the integration providers configured for the Gateway
Name of the model to be used for generations. This model should be available in the provider
π ParametersParameters to pass to the model when generating
Arbitrary extra parameters to pass to the model when generating
ModelCostMetric
Union, One Of:ModelManifest
Name of the model (alphanumeric characters, hyphens, and underscores only, max 256 characters)
Key value metadata. Should be valid JSON. For e.g.
\{"business-unit": "sales", "quality": "good", "rating": 4.5\}Name of the ML Repo that this model belongs to (must start and end with alphanumeric, 2-100 characters)
Version of the entity
Version alias is alternate, ideally human readable, version string to reference an artifact version. It should start with
v followed by alphanumeric and it can include . and - in between (e.g. v1.0.0, v1-prod, v3-dev, etc)π ModelManifestFrameworkFramework for the model version like Transformers, PyTorch, Sklearn, Xgboost etc with framework specific metadata. This will be used to infer model deployment configuration
Step/Epoch number in an iterative training loop the model version was created. Generally useful when logging a model version from a MLRepo Run
ID of the MLRepo Run that generated the model version
ModelManifestFramework
Union, One Of:- π TransformersFramework
- π TensorFlowFramework
- π SklearnFramework
- π PyTorchFramework
- π KerasFramework
- π XgBoostFramework
- π LightGbmFramework
- π FastAiFramework
- π H2OFramework
- π OnnxFramework
- π SpaCyFramework
- π StatsModelsFramework
- π GluonFramework
- π PaddleFramework
ModelManifestSource
Union, One Of:ModelProviderAccount
Union, One Of:- π AwsBedrockProviderAccount
- π GoogleVertexProviderAccount
- π GoogleGeminiProviderAccount
- π AzureOpenAiProviderAccount
- π AzureFoundryProviderAccount
- π CohereProviderAccount
- π Ai21ProviderAccount
- π AnthropicProviderAccount
- π DeepinfraProviderAccount
- π GroqProviderAccount
- π MistralAiProviderAccount
- π PerplexityAiProviderAccount
- π TogetherAiProviderAccount
- π NomicProviderAccount
- π PalmProviderAccount
- π OllamaProviderAccount
- π OpenaiProviderAccount
- π DatabricksProviderAccount
- π ClouderaProviderAccount
- π SelfHostedModelProviderAccount
- π OpenRouterProviderAccount
- π SambaNovaProviderAccount
- π XaiProviderAccount
- π BasetenProviderAccount
- π AwsSagemakerProviderAccount
- π CerebrasProviderAccount
- π SnowflakeCortexProviderAccount
- π ElevenLabsProviderAccount
- π DeepgramProviderAccount
- π CartesiaProviderAccount
- π VirtualModelProviderAccount
- π CustomEndpointProviderAccount
ModelVersion
Unique identifier for the artifact version
Fully qualified name of the artifact version in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}:{version}β
π SubjectSubject (user, team, or service account) that created this artifact version
Timestamp when the artifact version was created
Timestamp when the artifact version was last updated
π ModelManifestManifest containing metadata specific to the model version
ID of the ML Repo that this artifact version belongs to
List of tags associated with this artifact version for filtering and organization
Optional human-readable version alias (e.g. v1.0.0)
Code snippet demonstrating how to use this artifact version
ID of the parent model that this version belongs to
π MetricList of metrics associated with this model version
Whether this model version is ready for deployment
ModelVersionEnvironment
Python version to use when running the model
pip dependencies needed for running the model
MultiPartUpload
π MultiPartUploadStorageProviderStorage provider being used for the multipart upload (e.g., βS3_COMPATIBLEβ or βAZURE_BLOBβ)
π SignedUrlList of signed URLs for each part of the multipart upload
List of block IDs for Azure Blob Storage multipart upload
π SignedUrlSigned URL to call after all parts are uploaded to finalize the multipart upload
MultiPartUploadResponse
π MultiPartUploadMultipart upload information including signed URLs for each part
NatsInputConfig
Input NATS URL
Name of the NATS stream
Root subject of input NATS
Consumer name of input NATS
Wait timeout for long polling.
URL for the NATS metrics endpoint. It is compulsory if you want to use NATS autoscaling.
NatsMetricConfig
Upper limit of the number of backlog messages the auto-scaler will try to maintain per replica. If you set this number to 10 and have 30 messages in the stream and one replica, the auto-scaler will scale the number of replicas to 3.
NatsOutputConfig
Output NATS URL
Root subject of output NATS
NatsUserPasswordAuth
Name of the NATS account
User for NATS authentication
Password for NATS authentication
Nodepool
NodepoolSelector
Nodepools where you want to run your workload. Multiple nodepools can be selected. The workload is guaranteed to be scheduled on one of the nodepool
NodeSelector
Instance family of the underlying machine to use. Multiple instance families can be supplied. The workload is guaranteed to be scheduled on one of them.
π NodeSelectorCapacityTypeConfigure what type of nodes to run the app. By default no placement logic is applied. βspot_fallback_on_demandβ will try to place the application on spot nodes but will fallback to on-demand when spot nodes are not available. βspotβ will strictly place the application on spot nodes. βon_demandβ will strictly place the application on on-demand nodes.
NomicKeyAuth
The API key for Nomic authentication
NomicModel
A descriptive name to identify this model integration in the UI
The name of the Nomic model to use
π ModelTypeSpecify the type of the Nomic model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
NomicProviderAccount
The name of the Nomic provider account
List of integrations that are associated with the Nomic provider account
π CollaboratorList of users who have access to this provider account
Notebook
Stop the notebook instance after this much time in minutes of inactivity. The notebook instance will be stopped even if the notebook is open in your browser, but nothing is running on the notebook.
NotebookConfig
The base domain for the cluster with which you can access your Notebooks
NotificationTarget
Union, One Of:NotificationTargetForAlertRule
Union, One Of:NvidiaGpu
Name of the Nvidia GPU. One of [P4, P100, V100, T4, A10G, A100_40GB, A100_80GB] This field is required for Node Selector and can be ignored in Nodepool Selector. One instance of the card contains the following amount of memory - P4: 8 GB, P100: 16 GB, V100: 16 GB, T4: 16 GB, A10G: 24 GB, A100_40GB: 40GB, A100_80GB: 80 GB
Count of GPUs to provide to the application Note the exact count and max count available for a given GPU type depends on cloud provider and cluster type.
NvidiaMiggpu
Name of the Nvidia GPU. One of [P4, P100, V100, T4, A10G, A100_40GB, A100_80GB] This field is required for Node Selector and can be ignored in Nodepool Selector. One instance of the card contains the following amount of memory - P4: 8 GB, P100: 16 GB, V100: 16 GB, T4: 16 GB, A10G: 24 GB, A100_40GB: 40GB, A100_80GB: 80 GB
π NvidiaMiggpuProfileName of the MIG profile to use. One of the following based on gpu type Please refer to https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#supported-mig-profiles for more details A30 - [1g.6gb, 2g.12gb, 4g.24gb] A100 40 GB - [1g.5gb, 1g.10gb, 2g.10gb, 3g.20gb, 4g.20gb, 7g.40gb] A100 80 GB / H100 80 GB - [1g.10gb, 1g.20gb, 2g.20gb, 3g.40gb, 4g.40gb, 7g.80gb] H100 94 GB - [1g.12gb, 1g.24gb, 2g.24gb, 3g.47gb, 4g.47gb, 7g.94gb] H100 96 GB - [1g.12gb, 1g.24gb, 2g.24gb, 3g.48gb, 4g.48gb, 7g.96gb] H200 141 GB - [1g.18gb, 1g.35gb, 2g.35gb, 3g.71gb, 4g.71gb] B200 180 GB - [1g.23gb, 1g.45gb, 2g.45gb, 3g.90gb, 4g.90gb, 7g.180gb]
NvidiaTimeslicingGpu
Name of the Nvidia GPU. One of [P4, P100, V100, T4, A10G, A100_40GB, A100_80GB] This field is required for Node Selector and can be ignored in Nodepool Selector. One instance of the card contains the following amount of memory - P4: 8 GB, P100: 16 GB, V100: 16 GB, T4: 16 GB, A10G: 24 GB, A100_40GB: 40GB, A100_80GB: 80 GB
Amount of GPU memory (in MB) to allocate. Please note, this limit is not being enforced today but will be in future. Applications are expected to operate in co-opertative mode
OAuth2LoginProvider
OciRepo
OCI chart URL - Need to be a valid URL.
FQN of the container registry. If you canβt find your registry here, add it through the Integrations page
Helm chart version
OllamaKeyAuth
The custom host URL for Ollama API
OllamaModel
Name to identify this Ollama model in the UI
The name of the Ollama model to use
π ModelTypeSpecify the type of the Ollama model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
OllamaProviderAccount
The name of the Ollama provider account
List of integrations that are associated with the Ollama provider account
π CollaboratorList of users who have access to this provider account
OnnxFramework
OpaAuth
Union, One Of:OpaBearerAuth
The bearer token for OPA server authentication.
OpaGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. OPA guardrails can only be used for validation.
OpaGuardrailConfigConfig
The base URL of the OPA server (e.g., https://opa.example.com:8181). The policy will be queried at {opa_url}/v1/data/{policy_path}.
The policy path to evaluate in OPA (e.g., βauthz/allowβ, βguardrails/validateβ). This corresponds to the package and rule name in your Rego policy. The full query URL will be {opa_url}/v1/data/{policy_path}.
OpaHeaderAuth
Custom headers to include in requests to OPA server (e.g., {βAuthorizationβ: βBearer <token>β, βX-API-Keyβ: β<key>β})
OpenaiApiKeyAuth
Your OpenAI API key for authentication
OpenAiModel
A descriptive name to identify this model integration in the UI
The OpenAI model identifier (e.g., gpt-4o, gpt-4-turbo, gpt-3.5-turbo, o1-mini). This is the standard model name from OpenAIβs API documentation.
π ModelTypeSpecify the type of the OpenAI model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
OpenAiModerationsGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. OpenAI Moderation guardrails can only be used for validation.
OpenAiModerationsGuardrailConfigConfig
The model to use for the OpenAI Moderation API.
Optional custom base URL for OpenAI API. If not provided, the default base URL will be used.
OpenaiProviderAccount
The name of the OpenAI provider account
Optional custom base URL for OpenAI API
List of integrations that are associated with the OpenAI provider account
π CollaboratorList of users who have access to this provider account
OpenApimcpServerManifest
The name of the OpenAPI MCP Server.
Provide a brief description of the purpose of this OpenAPI MCP Server.
The base URL where API requests will be sent. This should be the root endpoint of your API server, without any path suffix.
When enabled, all tools from the OpenAPI spec will be available (up to 30 tools). Disable to select specific tools.
π OpenApimcpToolSettingThe tools to customize from the OpenAPI Server.
π CollaboratorUsers and Teams that have access to this OpenAPI Server
Key-value pairs to categorize this OpenAPI MCP Server (e.g., by owner or environment).
OpenApimcpToolSetting
π OpenApimcpToolSettingMethodThe HTTP method for this endpoint.
The API endpoint path (e.g., /users/{id}).
The unique name of this tool, derived from OpenAPI operationId.
Describe what this tool does. This helps AI models understand when to use it.
OpenApiSpecSource
Union, One Of:OpenRouterApiKeyAuth
The API key for OpenRouter authentication
OpenRouterModel
A descriptive name to identify this model integration in the UI
The OpenRouter model identifier (e.g., anthropic/claude-3-haiku, openai/gpt-4o-mini). This is the model name from OpenRouterβs model catalog.
π ModelTypeSpecify the type of the OpenRouter model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
OpenRouterProviderAccount
The name of the OpenRouter provider account
List of integrations that are associated with the OpenRouter provider account
π CollaboratorList of users who have access to this provider account
OtelExporterGrpcConfigBase
Endpoint URL where OpenTelemetry data will be sent
gRPC metadata to include in OpenTelemetry export requests
OtelExporterHttpConfigBase
Endpoint URL where OpenTelemetry data will be sent
π OtelExporterHttpConfigBaseEncodingEncoding for OpenTelemetry data
HTTP headers to include in OpenTelemetry export requests
OtelMetricsExporterGrpcConfig
Configuration type
OtelMetricsExporterHttpConfig
Configuration type
OtelTracesExporterCommonConfig
Set additional attributes to append them to existing resource attributes of every exported trace
Enable to prevent forwarding the LLM or MCP request and response body in exported traces. The following span attributes are dropped: tfy.input, tfy.output, tfy.input_short_hand
π OtelTracesExporterSpanAttributeFilterExport spans only when they match all of the following filters. Only matching on spanAttributes with string values in supported.
OtelTracesExporterGrpcConfig
Configuration type
OtelTracesExporterHttpConfig
Configuration type
OtelTracesExporterSpanAttributeFilter
Type of attribute field to filter on
Key name of the span attribute to filter on
Comparison operator to use for filtering
Values
OwnDataAccessRule
Data access scope - access to own data only
OwnedBy
The name of the account that owns this resource
PaddleFramework
PagerDuty
Specify the notification channel to send alerts to
PagerDutyIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
PagerDutyIntegrationKeyAuth
The integration key for the PagerDuty integration
The integration URL for the PagerDuty integration
PagerDutyProviderAccount
The name of the PagerDuty provider account
π PagerDutyIntegrationList of integrations that are associated with the PagerDuty provider account
Pagination
Total number of items
Number of items skipped
Number of items per page
PalmKeyAuth
Your PaLM API key for authentication
PalmModel
Name to identify this PaLM model in the UI
The name of the PaLM model to use
π ModelTypeSpecify the type of the PaLM model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
PalmProviderAccount
The name of the PaLM provider account
List of integrations that are associated with the PaLM provider account
π CollaboratorList of users who have access to this provider account
PaloAltoPrismaAirsGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. Palo Alto Prisma AIRS guardrails can only be used for validation.
PaloAltoPrismaAirsGuardrailConfigConfig
Optional override for the base URL for Palo Alto Prisma AIRS. Defaults to https://service.api.aisecurity.paloaltonetworks.com/v1/ if not provided.
The profile name associated with this Guardrail Config.
π PaloAltoPrismaAirsGuardrailConfigConfigModeExecution mode for the guardrail. Sync waits for the guardrail check to complete before proceeding. Async triggers the check without waiting. Defaults to sync.
Map Palo Alto AIRS metadata fields to TrueFoundry request metadata keys. Key is the Palo Alto AIRS metadata field name, value is the corresponding key from X-TFY-METADATA header on the TrueFoundry side. Example: {βapp_userβ: βuser_emailβ, βai_modelβ: βmodel_nameβ}. Reserved AIRS keys: ai_model, app_user, app_name. Docs
PaloAltoPrismaAirsKeyAuth
API key for the Palo Alto Prisma AIRS account
PangeaGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π PangeaGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
PangeaGuardrailConfigConfig
Domain of the cloud provider and region where your Pangea project is configured. Example: if endpoint is: https://<service_name>.aws.us-west-2.pangea.cloud/v1/text/guard, the input should be: aws.us-west-2.pangea.cloud
Recipe key from Pangea console defining security rules and data types to apply
Overrides for the Pangea account
PangeaKeyAuth
API key for the Pangea account
Param
Name of the param
Description of param
Default value or placeholder
Parameters
ParametersStop
Union, One Of:PatronusAnswerRelevanceEvaluator
The type of the evaluator to use for the Patronus Guardrail.
PatronusEvaluator
Union, One Of:- π PatronusAnswerRelevanceEvaluator
- π PatronusGliderEvaluator
- π PatronusJudgeEvaluator
- π PatronusPiiEvaluator
- π PatronusPhiEvaluator
- π PatronusToxicityEvaluator
PatronusGliderEvaluator
The type of the evaluator to use for the Patronus Guardrail.
PatronusGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. Patronus guardrails can only be used for validation.
PatronusGuardrailConfigConfig
π PatronusGuardrailConfigConfigTargetWhere to apply evaluation: request (evaluate user input) or response (evaluate model response)
π PatronusEvaluatorPatronus evaluators guard against GenAI failures by checking for evaluation criteria, refer to docs
PatronusJudgeEvaluator
The type of the evaluator to use for the Patronus Guardrail.
PatronusKeyAuth
API key for the Patronus account
PatronusPhiEvaluator
The type of the evaluator to use for the Patronus Guardrail.
PatronusPiiEvaluator
The type of the evaluator to use for the Patronus Guardrail.
PatronusToxicityEvaluator
The type of the evaluator to use for the Patronus Guardrail.
Permissions
The fully qualified name of the resource
The type of the resource (cluster, workspace, etc.)
The role id of the role to be assigned to the service account for that resource
PerplexityAiKeyAuth
The API key for Perplexity AI authentication
PerplexityAiModel
A descriptive name to identify this model integration in the UI
The Perplexity AI model identifier (e.g., sonar-reasoning, sonar). This is the model name from Perplexity AIβs API documentation.
π ModelTypeSpecify the type of the Perplexity AI model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
PerplexityAiProviderAccount
The name of the Perplexity AI provider account
List of integrations that are associated with the Perplexity AI provider account
π CollaboratorList of users who have access to this provider account
PersonalAccessTokenManifest
Personal Access Token Name
Expiration Date of the Personal Access Token (should be in the ISO 8601 format)
The fully qualified name of the user
PerThousandEmbeddingTokensCostMetric
PerThousandTokensCostMetric
Pip
Path to
requirements.txt relative to Path to build contextDefine pip package requirements. In Python/YAML E.g. [βfastapi>=0.90,<1.0β, βuvicornβ]
Poetry
Poetry version to use
install options to pass to poetry command
PolicyFilters
Cluster names where Policy applies
Workspace names where Policy applies
Environment names where Policy applies
PolicyManifest
Unique identifier of the policy across the organisation
Description of the policy that explains what the policy does, its purpose, and how it affects resources. This helps other users understand the policyβs behavior and impact.
π PolicyManifestOperationDefines if the policy validates or mutates resources. Validation policies check TrueFoundry manifests to ensure they meet conditions and can block deployments. Mutation policies modify Kubernetes manifests before theyβre applied to the cluster. See this documentation for more details.
π PolicyManifestModeMode of the policy:
Audit logs all policy evaluations without blocking deployments. Enforce blocks deployments if the policy fails. Disabled deactivates the policy.π PolicyEntityTypesTypes of applications this policy applies to
Actions this policy applies to
TypeScript code for Policy logic. To write and test your policy code, please refer to this repository
PolicyManifestOperation
Union, One Of:PolicyMutationOperation
Mutates or Validates Resources
Determines the sequence in which mutation policies are executed. Policies with lower order value run first, followed by higher value. For example, a policy with order 10 runs before one with order 20. This is crucial when multiple mutation policies need to run in a specific sequence. The order must be between 1 and 100.
PolicyValidationOperation
Mutates or Validates Resources
Port
Port number to expose.
π PortProtocolProtocol for the port.
Expose the port
π PortAppProtocolApplication Protocol for the port. Select the application protocol used by your service. For most use cases, this should be
http(HTTP/1.1). If you are running a gRPC server, select the grpc option. This is only applicable if expose=true.Host e.g. ai.example.com, app.truefoundry.com
Path e.g. /v1/api/ml/, /v2/docs/
Rewrite the path prefix to a different path. If
path is /v1/api and rewrite_path_to is /api. The URI in the HTTP request http://0.0.0.0:8080/v1/api/houses will be rewritten to http://0.0.0.0:8080/api/houses before the request is forwarded your service. Defaults to /. This is only applicable if path is given.π PortAuthAuthentication method for inbound traffic
PortAuth
Union, One Of:PresetRegexPattern
π PresetRegexPatternEnumSelect one or more common regex patterns from the predefined list.
PresignedUrlObject
PriorityBasedLoadBalanceTarget
Target model or provider FQN
Priority for the target, Lower the number, higher the priority (0 is the highest priority)
Status Codes for which the request will fallback to other targets. If the status code is not present in fallback_status_codes, it fails immediately.
Whether this target is a fallback candidate. If set to false, this model will not be considered as a fallback option for targets of this load-balance-rule
Optional parameters to override in the request
Optional metadata key-value pairs that must match incoming request metadata headers for this target to be considered for routing.
PriorityBasedLoadBalancing
π PriorityBasedLoadBalanceTargetList of targets for priority-based load balancing
PriorityBasedLoadBalancingRule
Unique identifier for the rule
PrivatePricingTier
PrometheusAlertRule
Type
Enter a unique, descriptive name for your Prometheus alert rule. Choose a name that clearly indicates the condition being monitored. Please note that reserved alert names for TrueFoundry managed alerts are not allowed. For checking the list of reserved alert names, please refer to the documentation.
Enter a valid PromQL expression that defines the condition for triggering this alert. The alert will fire when this expression evaluates to true for the duration specified in the duration to trigger alert field.
Description of the alert rule which will be displayed in the alert rule list. This can be used to provide more context about the alert rule.
When enabled, notifications will be sent to all configured target channels when the alert conditions are met.
Prompt
Unique identifier for the artifact
ID of the ML Repo that this artifact belongs to
Type of the artifact, always βchat_promptβ for Prompt entities
Name of the artifact (alphanumeric characters, hyphens, and underscores only, max 256 characters)
Fully qualified name of the artifact in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}β
π SubjectSubject (user, team, or service account) that created this artifact
Timestamp when the artifact was created
Timestamp when the artifact was last updated
π PromptVersionThe most recent version of this prompt
List of run step numbers where this artifact was created or updated
PromptSource
Type of agent source
Fully qualified name of the prompt version to use as the agent source
π AgentSkillList of skills associated with the agent
PromptVersion
Unique identifier for the artifact version
Fully qualified name of the artifact version in the format β{artifact_type}:{tenant_name}/{ml_repo_name}/{artifact_name}:{version}β
π SubjectSubject (user, team, or service account) that created this artifact version
Timestamp when the artifact version was created
Timestamp when the artifact version was last updated
π ChatPromptManifestManifest containing metadata specific to the chat prompt version
ID of the ML Repo that this artifact version belongs to
List of tags associated with this artifact version for filtering and organization
Optional human-readable version alias (e.g. v1.0.0)
Code snippet demonstrating how to use this artifact version
π UsageCodeSnippetList of code snippets demonstrating how to use this prompt version in different languages
ID of the parent prompt that this version belongs to
ProviderAccounts
Union, One Of:- π InfraProviderAccount
- π ModelProviderAccount
- π McpServerProviderAccount
- π GuardrailConfigGroup
PublicCostMetric
PySparkTaskConfig
Extra configuration properties to be passed to the spark job. Docs
Configure environment variables to be injected in the task either as plain text or secrets. Docs
π VolumeMountConfigure data to be mounted to Workflow pod(s) as a volume.
Service Account
PythonBuild
Python version to run your application. Should be one of the tags listed on Official Python Docker Page
Build path relative to project root path.
Path to
requirements.txt relative to Path to build contextDefine pip package requirements. In Python/YAML E.g. [βfastapi>=0.90,<1.0β, βuvicornβ]
π PythonBuildPythonDependenciesPython dependencies to install
Debian packages to install via
apt get. In Python/YAML E.g. [βgitβ, βffmpegβ, βhtopβ]π PythonBuildCommandCommand to run when the container starts. Command will be set as the Entrypoint of the generated image. When deploying a Job, the command can be templatized by defining
params and referencing them in command E.g. python main.py --learning_rate \{\{learning_rate\}\}Version of CUDA Toolkit and CUDNN to install in the image These combinations are based off of publically available docker images on docker hub You can also specify a valid tag of the form {cuda_version_number}-cudnn{cudnn_version_number}-{runtime|devel}-ubuntu{ubuntu_version} Refer https://hub.docker.com/r/nvidia/cuda/tags for valid set of values Note: We use deadsnakes ubuntu ppa to add Python that currently supports only Ubuntu 18.04, 20.04 and 22.04
PythonBuildCommand
Union, One Of:PythonBuildPythonDependencies
Union, One Of:PythonTaskConfig
π PythonTaskConfigImageSpecify the image spec for the task
Configure environment variables to be injected in the task either as plain text or secrets. Docs
π PythonTaskConfigMountsItemConfigure data to be mounted to Workflow pod(s) as a volume.
Service Account
PythonTaskConfigImage
Union, One Of:PythonTaskConfigMountsItem
Union, One Of:PyTorchFramework
QuayArtifactsRegistry
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the registry.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
QuayBasicAuth
The username for the basic authentication.
The password for the basic authentication.
QuayProviderAccount
The name of the provider account.
The name of the account on Quay.
List of integrations that are associated with the provider account.
QuerySpansRequestFiltersItem
Union, One Of:QuerySpansResponse
π TraceSpanArray of flat spans
π TokenPaginationPagination information
RateLimitConfig
π RateLimitRuleList of rate limit rules
RateLimitRule
Unique identifier for the rule
Maximum number of requests or tokens allowed
Create separate rate limiting rules for each unique value of the selected entity. For example, if βuserβ is selected, a separate rate limit rule will be created for each unique user making requests. Options: user, virtualaccount, model, or a metadata key (e.g., metadata.appId).
RateLimitWhen
List of subjects that this rule applies to
List of models that this rule applies to
Metadata key-value pairs that this rule applies to
Recommendation
recommendation_data
typing_extensions.Annotated[(typing.Dict[(str, typing.Any)], Any, Any)]
required
RefusalContentPart
Type of the content part
Reason
RegexGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π RegexGuardrailConfigOperationValidate blocks when pattern matches. Mutate replaces matched text and continues.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
RegexGuardrailConfigConfig
π CustomRegexPatternEnter your own regex patterns to match against content, each with its own redaction text (used in mutate mode).
RegisterUsersResponse
Union, One Of:RemoteMcpServerManifest
The name of the MCP Server.
Provide a brief description of the purpose of this MCP Server.
The endpoint URL for the MCP Server.
π McpToolSettingCustomize tool descriptions or enable/disable specific tools from the MCP Server.
π CollaboratorUsers and Teams that have access to this MCP Server
Key-value pairs to categorize this MCP Server (e.g., by owner or environment).
RemoteSource
Remote repository URI
RemoteSpecSource
URL to fetch the OpenAPI specification (JSON or YAML format).
Resources
Requested CPU which determines the minimum cost incurred. The CPU usage can exceed the requested amount, but not the value specified in the limit. 1 CPU means 1 CPU core. Fractional CPU can be requested like
0.5 or 0.05CPU limit beyond which the usage cannot be exceeded. 1 CPU means 1 CPU core. Fractional CPU can be requested like
0.5. CPU limit should be >= cpu request.Requested memory which determines the minimum cost incurred. The unit of memory is in megabytes(MB). So 1 means 1 MB and 2000 means 2GB.
Memory limit after which the application will be killed with an OOM error. The unit of memory is in megabytes(MB). So 1 means 1 MB and 2000 means 2GB. MemoryLimit should be greater than memory request.
Requested disk storage. The unit of memory is in megabytes(MB). This is ephemeral storage and will be wiped out on pod restarts or eviction
Disk storage limit. The unit of memory is in megabytes(MB). Exceeding this limit will result in eviction. It should be greater than the request. This is ephemeral storage and will be wiped out on pod restarts or eviction
Define the shared memory requirements for your workload. Machine learning libraries like Pytorch can use Shared Memory for inter-process communication. If you use this, we will mount a
tmpfs backed volume at the /dev/shm directory. Any usage will also count against the workloadβs memory limit (resources.memory_limit) along with your workloadβs memory usage. If the overall usage goes above resources.memory_limit the user process may get killed. Shared Memory Size cannot be more than the defined Memory Limit for the workload.π ResourcesNodeThis field determines how the underlying node resource is to be utilized
π ResourcesDevicesItemDefine custom device or accelerator requirements for your workload. We currently support NVIDIA GPUs, AWS Inferentia Accelerators, Single Host TPU Slices.
ResourcesDevicesItem
Union, One Of:ResourcesNode
Union, One Of:ResponseFormatJsonObject
ResponseFormatJsonSchema
ResponseFormatJsonSchemaJsonSchema
ResponseFormatText
RetryConfig
Number of attempts to retry the request
Delay between retries in milliseconds
Status codes to retry on
RevokeAllPersonalAccessTokenResponse
Union, One Of:RoleBindingManifest
Unique name for this role binding.
π RoleBindingSubjectOne row per principal; set type and name (email, team name, virtual account name, or external identity name).
π RoleBindingPermissionResource-scoped role grants (resource type, FQN, and role name).
RoleBindingPermission
Name of the role to bind (e.g. workspace-editor, model-user).
RoleBindingSubject
π RoleBindingSubjectTypeWhether this row identifies a user (email), a team (name), a virtual account (name), or an external identity (name).
User email when type is user; team or virtual account name when type is team or virtualaccount; external identity name when type is external-identity.
RoleManifest
Unique identifier of the role across the organization
Description of the role that explains its purpose and permissions
Define the resource type and the corresponding actions this role can perform on the resource
RoleWithResource
Rolling
Percentage of total replicas that can be brought down at one time. For a value of 25 when replicas are set to 12 this would mean minimum (25% of 12) = 3 pods might be unavailable during the deployment. Setting this to a higher value can help in speeding up the deployment process.
Percentage of total replicas of updated image that can be brought up over the total replicas count. For a value of 25 when replicas are set to 12 this would mean (12+(25% of 12) = 15) pods might be running at one time. Setting this to a higher value can help in speeding up the deployment process.
RpsMetric
Average request per second averaged over all replicas that autoscaler should try to maintain
RStudio
SagemakerModel
A descriptive name to identify this model integration in the UI
The SageMaker endpoint name you created for your model deployment. This is the name of the inference endpoint in AWS SageMaker, not the model name.
π ModelTypeSpecify the type of the Sagemaker model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
SambaNovaKeyAuth
The API key for SambaNova authentication
SambaNovaModel
A descriptive name to identify this model integration in the UI
The SambaNova model identifier (e.g., DeepSeek-R1-0528, Meta-Llama-3.3-70B-Instruct). This is the standard Model ID from SambaNovaβs model catalog.
π ModelTypeSpecify the type of the SambaNova model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
SambaNovaProviderAccount
The name of the SambaNova provider account
List of integrations that are associated with the SambaNova provider account
π CollaboratorList of users who have access to this provider account
SampleAgentInput
Input for the agent
Variable inputs for Prompt Variables defined in the Prompt
Schedule
Specify the schedule for this job to be run periodically in cron format.
* * * * * | | | | | | | | | |___ day of week (0-6) (Sunday is 0) | | | |_____ month (1-12) | | |_______ day of month (1-31) | |_________ hour (0-23) |___________ minute (0-59)π ScheduleConcurrencyPolicyChoose whether to allow this job to run while another instance of the job is running, or to replace the currently running instance. Allow will enable multiple instances of this job to run. Forbid will keep the current instance of the job running and stop a new instance from being run. Replace will terminate any currently running instance of the job and start a new one.
Timezone against which the cron schedule will be calculated, e.g. βAsia/Tokyoβ. Default is machineβs local time. https://docs.truefoundry.com/docs/list-of-supported-timezones
Secret
SecretDetectionGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π SecretDetectionGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests. Validate guardrails are run in parallel while mutate guardrails are run sequentially.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
SecretDetectionGuardrailConfigConfig
Text to use when redacting detected secrets in logs and error messages. Defaults to β[REDACTED]β.Only applicable in mutate mode.
SecretGroup
SecretGroupManifest
Name of the secret group
Secret Store to be associated with the secret group
π CollaboratorUsers and Teams that have access to Secret Group
SecretInput
Key of the secret.
Value of the secret.
SecretMount
Absolute file path where the file will be created.
The TrueFoundry secret whose value will be the file content.
SecretStoreConfig
The secret store to store the virtual account token in
The path where the virtual account token will be stored in the secret store (example: secret/path/to/virtual-account-token)
SecretVersion
SelfHostedAgent
Type of the manifest
The URL of the server
SelfHostedModel
A descriptive name to identify this self-hosted model in the UI
The name of the hosted model
The URL where the model is hosted
π SelfHostedModelModelServerThe type of model server being used
π ModelTypeSpecify the type of the model
π SelfHostedModelAuthDataSelf Hosted Model authentication data for the integration.
Self Hosted Model headers for the integration. Forwarded to the provider as is. For example:
\{"Authorization": "APIKey \<token\>"\}List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
SelfHostedModelAuthData
Union, One Of:SelfHostedModelProviderAccount
The name of the provider account.
π SelfHostedModelList of integrations that are associated with the provider account.
π CollaboratorCollaborators
SemanticCacheConfig
Similarity threshold for semantic matching (between 0 and 1)
Cache namespace (defaults to βdefaultβ if not provided)
Time-to-live for cached entries in seconds (max 3 days)
SemanticCacheSettings
Select the embedding model to use for semantic caching across the gateway. This model will be used to generate embeddings for cache lookups when semantic caching is enabled. The embedding model helps identify semantically similar requests to serve cached responses, improving performance for similar queries.
Service
π ServiceReplicasDeploy multiple instances of your pods to distribute incoming traffic across them, ensuring effective load balancing.
Whether to allow intercepts to be applied for this service. This would inject an additional sidecar in each pod of the service. Not recommended on production
π ServiceRolloutStrategyStrategy to dictate how a rollout should happen when a new release for this service is made Docs
ServiceAutoscaling
π ServiceAutoscalingMetricsMetrics to use for the autoscaler
ServiceAutoscalingMetrics
Union, One Of:ServiceReplicas
Union, One Of:ServiceRolloutStrategy
Union, One Of:Session
service_account_metadata
typing_extensions.Annotated[(typing.Optional[typing.Dict[(str, typing.Any)]], Any, Any)]
SessionAccount
SessionTeam
SignedUrl
Relative path of the file within the artifact storage
Pre-signed URL that can be used to access the file directly
SklearnFramework
Relative path to the model file in the model version contents
SklearnModelSchema
π InferMethodNameName of the method used for inference
Schema of the input
Schema of the output
SlackBot
Specify the notification channel to send alerts to
List of channels to send messages to.
SlackBotAuth
The bot token for the slack bot to send messages to the channels. This bot should have the following permissions: chat:write, chat:write.public
SlackBotIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
SlackIntegrations
Union, One Of:SlackProviderAccount
The name of the provider account.
π SlackIntegrationsList of integrations that are associated with the provider account.
SlackWebhook
Specify the notification channel to send alerts to
SlackWebhookAuth
The URL of the slack webhook
SlackWebhookIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
SlaCutoff
Time per output token threshold in milliseconds. If time per output token exceeds this value, the target will be marked as unhealthy
SmtpCredentials
The SMTP host of the email server.
The username for the SMTP server.
The password for the SMTP server.
The port of the SMTP server.
Whether to use TLS for the SMTP server.
SnowflakeCortexModel
Name to identify this Snowflake Cortex model in the UI
ID of the Snowflake Cortex model to use
π ModelTypeSpecify the type of the Snowflake Cortex model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
SnowflakeCortexPatTokenAuth
PAT token for Snowflake Cortex authentication
SnowflakeCortexProviderAccount
The name of the Snowflake Cortex provider account
Snowflake account identifier. You can find it in the URL of your Snowflake account. Example: https://<account_identifier>.snowflakecomputing.com. Insert the account identifier only, without the URL.
List of integrations that are associated with the Snowflake Cortex provider account
π CollaboratorList of users who have access to this provider account
SpaCyFramework
SpanAttributeFilter
SpanAttributeFilterValue
Union, One Of:SpanFieldFilter
SpanFieldFilterValue
Union, One Of:SparkBuild
Spark version should match the spark version installed in the image.
Build path relative to project root path.
Path to
requirements.txt relative to Path to build contextSparkConfig
The base domain for the cluster with which you can access your Spark UI
SparkDriverConfig
SparkExecutorConfig
π SparkExecutorConfigInstancesExecutor Instances
SparkExecutorConfigInstances
Union, One Of:SparkExecutorDynamicScaling
Minimum number of instances to start / scale down to
Maximum number of instances to scale up to
SparkExecutorFixedInstances
Number of instances to start
SparkImage
Spark version should match the spark version installed in the image.
The image URI. Specify the name of the image and the tag. If the image is in Dockerhub, you can skip registry-url (for e.g.
tensorflow/tensorflow). You can use an image from a private registry using Advanced fieldsFQN of the container registry. If you canβt find your registry here, add it through the Integrations page
SparkImageBuild
FQN of the container registry. If you canβt find your registry here, add it through the Integrations page
π SparkImageBuildBuildSourceFetch source code
SparkImageBuildBuildSource
Union, One Of:SparkJob
Name of the job
π SparkJobImageThe image to use for driver and executors. Must have spark installed. Spark version must match the version in the image.
π SparkJobEntrypointEntrypoint
Configure environment variables to be injected in the service either as plain text. Docs
Extra configuration properties to be passed to the spark job. Docs
π VolumeMountConfigure volumes to be mounted to driver and executors. Docs
Specify the maximum number of attempts to retry a job before it is marked as failed.
Service Account
Fully qualified name of the workspace
SparkJobEntrypoint
Union, One Of:- π SparkJobPythonEntrypoint
- π SparkJobScalaEntrypoint
- π SparkJobJavaEntrypoint
- π SparkJobPythonNotebookEntrypoint
- π SparkJobScalaNotebookEntrypoint
SparkJobImage
Union, One Of:SparkJobJavaEntrypoint
The main application file to be executed by the spark job.
The main class to be executed by the spark job.
Arguments to be passed to the main application file.
SparkJobPythonEntrypoint
The main application file to be executed by the spark job. Relative path in case of git repository.
Arguments to be passed to the main application file.
SparkJobPythonNotebookEntrypoint
The main application file to be executed by the spark job. Relative path in case of git repository.
SparkJobScalaEntrypoint
The main application file to be executed by the spark job.
The main class to be executed by the spark job.
Arguments to be passed to the main application file.
SparkJobScalaNotebookEntrypoint
The main application file to be executed by the spark job. Relative path in case of git repository.
SparkJobTriggerInput
Arguments to pass to the main application file
SqlSanitizerGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π SqlSanitizerGuardrailConfigOperationValidate (detect and block) or Mutate (detect, sanitize comments, and continue).
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
SqlSanitizerGuardrailConfigConfig
Block SQL DROP statements as dangerous operations.
Block SQL TRUNCATE statements as dangerous operations.
Block SQL ALTER statements as dangerous operations.
Block SQL GRANT statements as dangerous operations.
Block SQL REVOKE statements as dangerous operations.
Remove SQL comments (β and block comments) from queries. In mutate mode, comments are stripped from the output.
Flag DELETE FROM statements that lack a WHERE clause as potentially dangerous.
Flag UPDATE statements that lack a WHERE clause as potentially dangerous.
Detect naive string interpolation patterns (+, %., {}) that may indicate SQL injection vulnerabilities.
SqsInputConfig
AWS SQS Queue URL of Subscriber
AWS Region Name
A period during which Amazon SQS prevents all consumers from receiving and processing the message. If one message takes 5 seconds to process, you can set this number to 7 or any number higher than 5. This will ensure that while the message is being processed, it will not be available to other replicas. For more information, see here
Wait timeout for long polling. For more information, see here
SqsOutputConfig
AWS SQS Queue URL of Publisher
AWS Region Name
SqsQueueMetricConfig
Upper limit of the number of backlog messages the auto-scaler will try to maintain per replica. If you set this number to 10 and have 30 messages in the queue and one replica, the auto-scaler will scale the number of replicas to 3.
π SqsQueueMetricConfigAuthReceive permissions on the SQS Queue
SqsQueueMetricConfigAuth
Union, One Of:SshServer
Add Your SSH Public Key, this will be used to authenticate you to the SSH Server. \ You can find it using
cat ~/.ssh/id_rsa.pub in Mac/Linux or type $home\.ssh\id_rsa.pub in Windows Powershell. \ You can also generate a new SSH key pair using ssh-keygen -t rsa in your local terminal. (same for both Mac/Linux and Windows Powershell)Stop the SSH Server instance after this much time in minutes of inactivity. The instance is considered active if there is at least one active SSH connection (a client connected to the SSH server), or if a background job is running using tmux or screen, or if the pod has restarted.
SshServerConfig
The base domain for the cluster with which you can access your SSH containers
The port for the cluster with which you can access your SSH containers
StageArtifactRequestManifest
Union, One Of:StageArtifactResponse
ID of the staged artifact version
Root storage path where the artifact version files should be uploaded
ID of the artifact that the staged version belongs to
StaticVolumeConfig
Volume Type for the volume.
Persistent Volume Name of the volume to be used.
StatsModelsFramework
StdioMcpServerManifest
The name of the MCP Server.
Provide a brief description of the purpose of this MCP Server.
π CollaboratorUsers and Teams that have access to this MCP Server
Executable to run for the stdio MCP server process.
Arguments passed to the stdio MCP server command.
Key-value pairs to categorize this MCP Server (e.g., by owner or environment).
StickyRouting
Sticky mapping TTL in seconds
π StickySessionIdentifierList of identifier selectors used to build sticky key
StickySessionIdentifier
π StickySessionIdentifierSourceSource from which session identifier value will be extracted
Key to read from selected source
StringDataMount
Absolute file path where the file will be created.
The file content.
SubAgent
Name of the sub agent
Subject
SubjectClause
SubjectConditionGroup
SubjectPermission
SyncTokenInSecretStoreInfo
Error message if sync failed
SyncVirtualAccountTokenResponse
sync_token_in_secret_store_info
typing_extensions.Annotated[(SyncTokenInSecretStoreInfo, Any, Any)]
required
SystemMessage
Role of the message
π SystemMessageContentText content for the system message
Name of the system
SystemMessageContent
Union, One Of:TargetClause
TargetConditionGroup
TaskDockerFileBuild
FQN of the container registry. If you canβt find your registry here, add it through the Integrations page
The file path of the Dockerfile relative to project root path.
Build arguments to pass to docker build
TaskPySparkBuild
Spark version should match the spark version installed in the image.
Custom container image URI. If provided, this image is used instead of the default Spark base image (public.ecr.aws/bitnami/spark). The image must be Debian-based and have Python and Spark pre-installed.
FQN of the container registry. If you canβt find your registry here, add it through the Integrations page
Path to
requirements.txt relative to Path to build contextDefine pip package requirements. In Python/YAML E.g. [βfastapi>=0.90,<1.0β, βuvicornβ]
Debian packages to install via
apt get. In Python/YAML E.g. [βgitβ, βffmpegβ, βhtopβ]TaskPythonBuild
FQN of the container registry. If you canβt find your registry here, add it through the Integrations page
Python version to run your application. Should be one of the tags listed on Official Python Docker Page
Path to
requirements.txt relative to Path to build contextDefine pip package requirements. In Python/YAML E.g. [βfastapi>=0.90,<1.0β, βuvicornβ]
Debian packages to install via
apt get. In Python/YAML E.g. [βgitβ, βffmpegβ, βhtopβ]Version of CUDA Toolkit and CUDNN to install in the image These combinations are based off of publically available docker images on docker hub You can also specify a valid tag of the form {cuda_version_number}-cudnn{cudnn_version_number}-{runtime|devel}-ubuntu{ubuntu_version} Refer https://hub.docker.com/r/nvidia/cuda/tags for valid set of values Note: We use deadsnakes ubuntu ppa to add Python that currently supports only Ubuntu 18.04, 20.04 and 22.04
Team
TeamDataAccessRule
Data access scope - access to team data including owned virtual accounts
TeamManifest
Name of the Team
Emails of each of the user who can manage the members of the team. Any tenant admin is by default a team manager.
Enter email of each of the user you want to add in the team.
Key-value pairs to categorize this Team (e.g., by owner or environment).
TeamMetadata
TeamOwnedBy
The name of the account that owns the team
TensorFlowFramework
TerminateJobResponse
Terminate Job Message
TextContentPart
Type of the content part
π TextContentPartTextText content for the message
TextContentPartText
Union, One Of:TfyContentModerationGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. TrueFoundry Content Moderation guardrails can only be used for validation.
TfyContentModerationGuardrailConfigConfig
Minimum severity level (0-6) to flag content. 0=Safe, 2=Low risk, 4=Medium risk, 6=High risk
π AzureContentSafetyCategoryTypes of harmful content to detect: Hate (hate speech), SelfHarm (self-injury), Sexual (sexual content), Violence (violent content)
TfyPiiGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π TfyPiiGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests. Validate guardrails are run in parallel while mutate guardrails are run sequentially.
Execution order for mutate guardrails. Lower values run first.
TfyPiiGuardrailConfigConfig
π AzurePiiCategoryCategories of PII to detect.
TfyPromptInjectionGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
The operation type for this guardrail. TrueFoundry Prompt Shield guardrails can only be used for validation.
TogetherAiKeyAuth
The API key for Together AI authentication
TogetherAiModel
A descriptive name to identify this model integration in the UI
The Together AI model identifier (e.g., deepseek-ai/DeepSeek-R1, moonshotai/Kimi-K2-Instruct-0905). This is the model name from Together AIβs model catalog.
π ModelTypeSpecify the type of the Together AI model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
TogetherAiProviderAccount
The name of the Together AI provider account
List of integrations that are associated with the Together AI provider account
π CollaboratorList of users who have access to this provider account
TokenPagination
Number of items per page
ToolCall
Type of the tool call
Unique identifier for the tool call
ToolMessage
Role of the message
π ToolMessageContentContent of the tool call result
Unique identifier for the tool call
ToolMessageContent
Union, One Of:ToolSchema
Type of the tool
TraceSpan
Timestamp in ISO 8601 format (e.g., 2025-03-12T00:00:09.872Z).
Array of events that occurred during the span execution.
Gateway feedbacks associated with this span (if any).
TracingProjectControlPlaneManagedStorage
Type of storage configuration
TracingProjectCustomerManagedStorage
Type of storage configuration
Storage Integration FQN to store traces and spans. A storage integration represents a connected blob storage like AWS S3 / Azure Blob Storage / Google Cloud Storage. Please note that this cannot be changed once set.
TracingProjectManifest
Name of the Tracing Project
Description for the Tracing Project.
π CollaboratorUsers and Teams that have access to Tracing Project
Number of days to retain traces for (minimum 7 days). Traces older than these number of days will be deleted automatically. When not set, traces are retained indefinitely. Note: Metrics will be retained regardless of this setting.
TracingProjectStorageConfig
Union, One Of:TransformersFramework
π LibraryNameName of the library for the framework
The
pipeline() task this model can be used with e.g. text-generation. See huggingface docs for all possible valuesBase model Id from HuggingFace Hub. If this is a finetuned model, this points to the base model id used for finetuning.
TriggerJobRequestInput
Union, One Of:TriggerJobRunResponse
Job triggered
π JobRunDetails of the triggered job run
TrojAiClientIdAuth
The client ID that identifies your TrojAI firewall policy (sent as x-eag-clientid header)
TrojAiGuardrailConfig
The name of the Guardrail Config.
Optional description for this Guardrail Config.
π TrojAiGuardrailConfigOperationThe operation type to use for the Guardrail. Validate guardrails are used to validate requests and mutate can validate as well as mutate requests. Validate guardrails are run in parallel while mutate guardrails are run sequentially.
Execution order for mutate guardrails. Lower values run first. Only applicable when operation is mutate.
TrojAiGuardrailConfigConfig
The base URL of the TrojAI firewall (e.g. https://your-trojai-firewall-host)
TrueFoundryAgentManifest
Type of the manifest
The name of the Agent
The description of the Agent
Tags for the Agent
Model for the Agent
π TrueFoundryAgentManifestModelParamsModel parameters (default and extra). Keys are param names, values are float, int, bool, or string.
π TrueFoundryAgentSkillList of agent skills to attach to this agent
π TrueFoundryAgentMcpServerList of MCP servers with name, enable_all_tools, and optional tools filter
System instruction or prompt for the agent
π TrueFoundryAgentUserMessagePre-defined initial messages for the agent. Supports template variable replacement.
π TrueFoundryAgentVariableVariables keyed by name. Each has optional default_value and optional description.
π TrueFoundryAgentManifestResponseFormatJSON schema or structure for the agent response format
π TrueFoundryAgentManifestSandboxSandbox execution settings
Maximum number of iterations for the agent
π CollaboratorList of users who have access to this Agent
TrueFoundryAgentManifestModelParams
Maximum number of tokens to generate.
π TrueFoundryAgentManifestModelParamsReasoningEffortReasoning depth when the model and provider support this parameter.
Sampling temperature (0β2). Higher values increase randomness.
Nucleus sampling threshold (0β1). Alternative to temperature.
TrueFoundryAgentManifestResponseFormat
Union, One Of:TrueFoundryAgentManifestSandbox
TrueFoundryAgentMcpServer
MCP server name
When true, tools from this server are loaded lazily (deferred loading).
π TrueFoundryAgentMcpToolList of tools to enable from this server
TrueFoundryAgentMcpTool
TrueFoundryAgentSkill
Fully qualified name of the agent skill
If true, the SKILL.md content is injected into the agent context.
TrueFoundryAgentUserMessage
Role of the message sender.
Content of the user message. Supports template variables like {{variable_name}}.
TrueFoundryAgentVariable
Default value for the variable
Description of the variable
TrueFoundryApplyRequestManifest
Union, One Of:- π MlRepoManifest
- π ArtifactManifest
- π ModelManifest
- π ChatPromptManifest
- π DataDirectory
- π Service
- π ApplicationSet
- π ProviderAccounts
- π ClusterManifest
- π WorkspaceManifest
- π Job
- π Helm
- π Volume
- π Notebook
- π RStudio
- π Workflow
- π AsyncService
- π SshServer
- π SparkJob
- π GatewayConfig
- π TeamManifest
- π PolicyManifest
- π RoleManifest
- π AlertConfig
- π VirtualAccountManifest
- π CommonToolsSettings
- π AiFeaturesSettings
- π SecretGroupManifest
- π AgentManifest
- π EnvironmentManifest
- π TracingProjectManifest
- π McpServerManifest
- π RoleBindingManifest
TrueFoundryApplyResponse
existing_manifest
typing_extensions.Annotated[(typing.Optional[TrueFoundryApplyResponseExistingManifest], Any, Any)]
π TrueFoundryApplyResponseActionThe action performed: CREATE or UPDATE
The created or updated resource
TrueFoundryApplyResponseExistingManifest
Union, One Of:- π MlRepoManifest
- π ArtifactManifest
- π ModelManifest
- π ChatPromptManifest
- π DataDirectory
- π Service
- π ApplicationSet
- π ProviderAccounts
- π ClusterManifest
- π WorkspaceManifest
- π Job
- π Helm
- π Volume
- π Notebook
- π RStudio
- π Workflow
- π AsyncService
- π SshServer
- π SparkJob
- π GatewayConfig
- π TeamManifest
- π PolicyManifest
- π RoleManifest
- π AlertConfig
- π VirtualAccountManifest
- π CommonToolsSettings
- π AiFeaturesSettings
- π SecretGroupManifest
- π AgentManifest
- π EnvironmentManifest
- π TracingProjectManifest
- π McpServerManifest
- π RoleBindingManifest
TrueFoundryArtifactSource
Artifact or Model Version FQN of the artifact to be downloaded
Environment variable which will contain the download path of the artifact
TrueFoundryDbssm
The name of the integration that will be displayed in the TrueFoundry UI.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
TrueFoundryDeleteRequestManifest
Union, One Of:- π MlRepoManifest
- π ArtifactManifest
- π ModelManifest
- π ChatPromptManifest
- π DataDirectory
- π Service
- π ApplicationSet
- π ProviderAccounts
- π ClusterManifest
- π WorkspaceManifest
- π Job
- π Helm
- π Volume
- π Notebook
- π RStudio
- π Workflow
- π AsyncService
- π SshServer
- π SparkJob
- π GatewayConfig
- π TeamManifest
- π PolicyManifest
- π RoleManifest
- π AlertConfig
- π VirtualAccountManifest
- π CommonToolsSettings
- π AiFeaturesSettings
- π SecretGroupManifest
- π AgentManifest
- π EnvironmentManifest
- π TracingProjectManifest
- π McpServerManifest
- π RoleBindingManifest
TrueFoundryInteractiveLogin
List of paths that will bypass auth. needs to start with a forward slash(/) and should not contain wildcards(*)
TrueFoundryManagedSource
TrueFoundryProviderAccount
The name of the provider account.
List of integrations that are associated with the provider account.
TtlProviderAccount
The name of the provider account.
List of integrations that are associated with the provider account.
TtlRegistry
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the registry.
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
UpdateSecretInput
Key of the secret.
Value of the secret.
UpdateUserRolesResponse
Union, One Of:UpgradeData
UploadSpecSource
Cloud storage path where the OpenAPI specification is stored (S3, GCS, or Azure Blob).
UsageCodeSnippet
Display name for the code snippet (e.g., βPythonβ, βJavaScriptβ)
Programming language of the code snippet (e.g., βpythonβ, βjavascriptβ)
List of libraries/frameworks used in the code snippet
Code snippet demonstrating how to use the prompt version
User
roles_with_resource
typing_extensions.Annotated[(typing.Optional[typing.List[RoleWithResource]], Any, Any)]
UserMessage
Role of the message
π UserMessageContentContent of the user message. can be a mix of text and images
Name of the user this message is from
UserMessageContent
Union, One Of:UserMessageContentOneItem
Union, One Of:UserMetadata
user_object
typing_extensions.Annotated[(typing.Optional[typing.Dict[(str, typing.Any)]], Any, Any)]
tenant_role_managed_by
typing_extensions.Annotated[(typing.Optional[UserMetadataTenantRoleManagedBy], Any, Any)]
scim_user_object
typing_extensions.Annotated[(typing.Optional[typing.Dict[(str, typing.Any)]], Any, Any)]
UserResource
UserTeamInfo
Roles of the user in the team
Uv
UV version to use
Sync options to pass to uv command
ValidationError
ValidationErrorLocItem
Union, One Of:VertexKeyFileAuth
π VertexKeyFileAuthKeyFileContentJSON from a downloadable Google Cloud service account key (type service_account). Not for Workload Identity Federation; use authentication type Workload Identity Federation file (workload-identity-federation-file) for gcloud iam workload-identity-pools create-cred-config output.
VertexKeyFileAuthKeyFileContent
Union, One Of:VertexModel
A descriptive name to identify this model integration in the UI
The Google Vertex AI model identifier (e.g., gemini-2.5-pro, anthropic/claude-sonnet-4-5@20250929). This is the model version name from Vertex AIβs model catalog.
π ModelTypeSpecify the type of the Vertex AI model (e.g., chat, text, etc.)
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
VertexWifFileAuth
π VertexWifFileAuthKeyFileContentJSON credential configuration for Workload Identity Federation (ADC type external_account), for example from gcloud iam workload-identity-pools create-cred-config. This is not a service account private key. Same field name as key-file auth (key_file_content); use auth_data.type workload-identity-federation-file vs key-file to distinguish.
VertexWifFileAuthKeyFileContent
Union, One Of:VirtualAccount
roles_with_resource
typing_extensions.Annotated[(typing.Optional[typing.List[RoleWithResource]], Any, Any)]
VirtualAccountManifest
Virtual Account Name
π PermissionsPermissions
Expiration Date of the Virtual Account (should be in the format yyyy-mm-dd)
Key-value pairs to categorize this Virtual Account (e.g., by owner or environment).
VirtualAccountOwnedBy
The name of the account that owns this resource
The name of the team that owns this resource
VirtualMcpServerIntegration
The name of the Virtual MCP Server.
Provide a brief description of the purpose of this Virtual MCP Server.
π VirtualMcpServerSourceList of source MCP servers to include in this virtual server.
List of teams/users who can use this MCP server.
VirtualMcpServerManifest
The name of the Virtual MCP Server.
Provide a brief description of the purpose of this Virtual MCP Server.
π McpServerSourceList of source MCP servers to include in this virtual server.
π CollaboratorUsers and Teams that have access to this Virtual MCP Server
Key-value pairs to categorize this Virtual MCP Server (e.g., by owner or environment).
VirtualMcpServerSource
Name of the source MCP server within this group (use {provider_account_name}/{integration_name} format).
List of tools to enable from this source server.
VirtualModel
The name of the Virtual Model
π VirtualModelModelTypeSpecify the type of the Virtual Model
It should be a unique identifier for the virtual model. It is used to uniquely identify the virtual model. It can be used in place of virtualGroupName/virtualModelName.
VirtualModelProviderAccount
The name of the Virtual Model Provider Group
π VirtualModelList of virtual models in this group
π CollaboratorList of users who have access to this Virtual Model Provider Group
Volume
Name of the Volume. This will be set as the volume name.
π VolumeConfigVolume Config - Volume Configuration, can be either Dynamically provisioned or statically provisioned.
Fully qualified name of the workspace
VolumeBrowser
Username for logging in the volume browser.
TFY Secret containing the password for logging in the volume browser.
Kubernetes Service account name for the volume browser.
VolumeConfig
Union, One Of:VolumeMount
Absolute file path where the volume will be mounted.
Sub path within the volume to mount. Defaults to root of the volume.
The TrueFoundry volume that needs to be mounted.
WebhookBasicAuth
Basic auth username
Basic auth password
WebhookBearerAuth
Bearer token for authentication
Prefix for the token
WebhookIntegration
The name of the integration that will be displayed in the TrueFoundry UI.
The URL of the webhook endpoint
π WebhookIntegrationAuthDataAuthentication configuration for the webhook
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
WebhookIntegrationAuthData
Union, One Of:WebhookProviderAccount
The name of the provider account.
π WebhookIntegrationList of integrations that are associated with the provider account.
WeightBasedLoadBalancing
π LoadBalanceTargetList of targets for load balancing with weights
WeightBasedLoadBalancingRule
Unique identifier for the rule
WorkbenchImage
The image URI. Specify the name of the image and the tag. If the image is in Dockerhub, you can skip registry-url (for e.g.
tensorflow/tensorflow). You can use an image from a private registry using Advanced fieldsThe build script to run when building the image. This will be executed as the last step in the docker build process as the root user (RUN DEBIAN_FRONTEND=noninteractive bash -ex build_script.sh)
FQN of the container registry. If you canβt find your registry here, add it through the Integrations page
WorkerConfig
π WorkerConfigInputConfigInput Config
π WorkerConfigOutputConfigOutput Config
Number of concurrent workers to spawn for the processor
WorkerConfigInputConfig
Union, One Of:WorkerConfigOutputConfig
Union, One Of:- π SqsOutputConfig
- π NatsOutputConfig
- π CoreNatsOutputConfig
- π KafkaOutputConfig
- π AmqpOutputConfig
Workflow
Name of the workflow
π WorkflowSourceSource Code for the workflow, either local or remote
Path to the workflow file relative to the project root path
π WorkflowFlyteEntitiesItemFlyte Entities
π WorkflowAlertAlerts
WorkflowAlert
Send an alert when the job completes
Send an alert when the job fails
WorkflowFlyteEntitiesItem
Union, One Of:WorkflowSource
Union, One Of:Workspace
WorkspaceManifest
Cluster FQN
Name - 3 to 32 lower case characters long alphanumeric word, may contain - in between, cannot start with a number
Tag the environment like dev, staging or production. You will need to create environments if you donβt have already.
π CollaboratorCollaborators
π PermissionsPermissions
WorkspacesDeleteResponse
Destroyed the workspace
XaiKeyAuth
The API key for xAI authentication
XaiModel
A descriptive name to identify this model integration in the UI
The xAI model identifier (e.g., grok-4-1-fast-reasoning, grok-4-1-fast-non-reasoning, grok-4). This is the model name from xAIβs model catalog.
π ModelTypeSpecify the type of the xAI model
List of subjects that are authorized to access this integration. List of user fqn in format <user_type>:<username>.
XaiProviderAccount
The name of the xAI provider account
List of integrations that are associated with the xAI provider account
π CollaboratorList of users who have access to this provider account
XgBoostFramework
Relative path to the model file in the model version contents
XgBoostModelSchema
Name of the method used for inference
Schema of the input
Schema of the output