com.vmware.vcenter.trusted_infrastructure package¶
Subpackages¶
- com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters package
- Subpackages
- com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.attestation package
- com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.kms package
- Submodules
- com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.attestation_client module
- com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.kms_client module
- Subpackages
- com.vmware.vcenter.trusted_infrastructure.trusted_clusters package
Submodules¶
com.vmware.vcenter.trusted_infrastructure.attestation_client module¶
The com.vmware.vcenter.trusted_infrastructure.attestation_client
module
provides classes for configuring Attestation Services for Trusted vCenter.
-
class
com.vmware.vcenter.trusted_infrastructure.attestation_client.
Services
(config)¶ Bases:
vmware.vapi.bindings.stub.VapiInterface
The
Services
class contains information about the registered instances of the Attestation Service in vCenter. This class was added in vSphere API 7.0.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
-
class
CreateSpec
(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.CreateSpec
class contains the data necessary for registering an Attestation Service instance to the environment. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.group (
str
) – The group specifies the Key Provider Service instances that can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Attestation Service belongs to. This attribute was added in vSphere API 7.0.0.
-
class
FilterSpec
(services=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.FilterSpec
class contains the data necessary for identifying an Attestation Service instance. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
services (
set
ofstr
orNone
) – A set of IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. If None, the services will not be filtered by ID.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – A set of address by which to filter. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by address.group (
set
ofstr
orNone
) – The group specifies the Key Provider Service instances that can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by group.trust_authority_cluster (
set
ofstr
orNone
) – The cluster specifies the Trust Authority Cluster this Attestation Service belongs to. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by trustAuthorityCluster.
-
class
Info
(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Info
class contains all the stored information about a registered Attestation Service instance. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.group (
str
) – The group specifies the Key Provider Service instances that can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Attestation Service belongs to. This attribute was added in vSphere API 7.0.0.
-
RESOURCE_TYPE
= 'com.vmware.vcenter.trusted_infrastructure.attestation.Service'¶ The resource type for the Attestation Service instances. This class attribute was added in vSphere API 7.0.0.
-
class
Summary
(service=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Summary
class contains basic information about a registered Attestation Service instance. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
service (
str
) – The service’s unique identifier. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.group (
str
) – The group specifies the Key Provider Service instances that can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Attestation Service instance belongs to. This attribute was added in vSphere API 7.0.0.
-
create
(spec)¶ Registers a new Attestation Service instance in this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
spec (
Services.CreateSpec
) – The CreateSpec for the new service.- Return type
str
- Returns
ID of the newly registered Attestation Service instance. The return value will be an identifier for the resource type:
com.vmware.vcenter.trusted_infrastructure.attestation.Service
.- Raise
com.vmware.vapi.std.errors_client.AlreadyExists
if there is already a Attestation Service instance with the same Address.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the CreateSpec contains invalid data.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ManageTrustedHosts
.
-
delete
(service)¶ Removes a registered Attestation Service instance from this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
service (
str
) – the Attestation Service instance unique identifier. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
.- Raise
com.vmware.vapi.std.errors_client.Error
if an error occurred while deleting the service.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the Attestation Service instance is not found.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if the Attestation Service instance is used by a configuration on a cluster level.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ManageTrustedHosts
.
-
get
(service)¶ Returns the detailed information about a registered Attestation Service instance in this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
service (
str
) – the Attestation Service instance unique identifier. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
.- Return type
- Returns
Detailed information about the specified Attestation Service instance.
- Raise
com.vmware.vapi.std.errors_client.Error
if an error occurred while getting the data.- Raise
com.vmware.vapi.std.errors_client.NotFound
if there is no registered Attestation Service instance with the specified ID.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.
-
list
(spec=None)¶ Returns detailed information about all registered Attestation Service instances in this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
spec (
Services.FilterSpec
orNone
) – Return only services matching the specified filters. If {\@term.unset} return all services.- Return type
- Returns
Detailed information about all registered Attestation Service instances in this vCenter.
- Raise
com.vmware.vapi.std.errors_client.Error
if an error occurred while getting the data.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.
-
class
com.vmware.vcenter.trusted_infrastructure.attestation_client.
StubFactory
(stub_config)¶ Bases:
vmware.vapi.bindings.stub.StubFactoryBase
Initialize StubFactoryBase
- Parameters
stub_config (
vmware.vapi.bindings.stub.StubConfiguration
) – Stub config instance
com.vmware.vcenter.trusted_infrastructure.kms_client module¶
The com.vmware.vcenter.trusted_infrastructure.kms_client
module provides
classes for configuring Key Provider Services for Trusted vCenter.
-
class
com.vmware.vcenter.trusted_infrastructure.kms_client.
Services
(config)¶ Bases:
vmware.vapi.bindings.stub.VapiInterface
The
Services
class contains information about the registered instances of the Key Provider Service in vCenter. This class was added in vSphere API 7.0.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
-
class
CreateSpec
(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.CreateSpec
class contains the data necessary for registering a Key Provider Service instance to the environment. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.group (
str
) – The group determines the Attestation Service instances this Key Provider service can accept reports from. This attribute was added in vSphere API 7.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Key Provider Service belongs to. This attribute was added in vSphere API 7.0.0.
-
class
FilterSpec
(services=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.FilterSpec
class contains the data necessary for identifying a Key Provider Service instance. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
services (
set
ofstr
orNone
) – A set of IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. If None, the services will not be filtered by ID.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – A set of address by which to filter. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by address.group (
set
ofstr
orNone
) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0. If None, the Services will not be filtered by group.trust_authority_cluster (
set
ofstr
orNone
) – The cluster specifies the Trust Authority Cluster this Key Provider Service belongs to. This attribute was added in vSphere API 7.0.0. If None, the Services will not be filtered by trustAuthorityCluster.
-
class
Info
(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Info
class contains all the stored information about a registered Key Provider Service instance. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.group (
str
) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Key Provider Service belongs to. This attribute was added in vSphere API 7.0.0.
-
RESOURCE_TYPE
= 'com.vmware.vcenter.trusted_infrastructure.kms.Service'¶ The resource type for the Key Provider Service instance. This class attribute was added in vSphere API 7.0.0.
-
class
Summary
(service=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Summary
class contains basic information about a registered Key Provider Service instance. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
service (
str
) – The service’s unique identifier. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.group (
str
) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Key Provider service belongs to. This attribute was added in vSphere API 7.0.0.
-
create
(spec)¶ Registers a Key Provider Service instance in this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
spec (
Services.CreateSpec
) – The CreateSpec for the new service.- Return type
str
- Returns
ID of the newly registered Key Provider Service instance. The return value will be an identifier for the resource type:
com.vmware.vcenter.trusted_infrastructure.kms.Service
.- Raise
com.vmware.vapi.std.errors_client.AlreadyExists
if there is already a Key Provider Service instance with the same Address.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the CreateSpec contains invalid data.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ManageTrustedHosts
.
-
delete
(service)¶ Removes a currently registered Key Provider Service instance from this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
service (
str
) – the Key Provider Service instance unique identifier. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
.- Raise
com.vmware.vapi.std.errors_client.Error
if an error occurred while deleting the service.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the Key Provider Service instance is not found.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if the Key Provider Service instance is used by a configuration on a cluster level.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ManageTrustedHosts
.
-
get
(service)¶ Returns the detailed information about a registered Key Provider Service instance in this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
service (
str
) – the Key Provider Service instance unique identifier. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
.- Return type
- Returns
Detailed information about the specified Key Provider Service instance.
- Raise
com.vmware.vapi.std.errors_client.Error
if an error occurred while getting the data.- Raise
com.vmware.vapi.std.errors_client.NotFound
if there is no Key Provider Service instance with the specified ID.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.
-
list
(spec=None)¶ Returns basic information about all registered Key Provider Service instances in this vCenter. This method was added in vSphere API 7.0.0.
- Parameters
spec (
Services.FilterSpec
orNone
) – Return only services matching the specified filters. If {\@term.unset} return all services.- Return type
- Returns
Basic information about all registered Key Provider Service instances in this vCenter.
- Raise
com.vmware.vapi.std.errors_client.Error
if an error occurred while getting the data.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.
-
class
com.vmware.vcenter.trusted_infrastructure.kms_client.
StubFactory
(stub_config)¶ Bases:
vmware.vapi.bindings.stub.StubFactoryBase
Initialize StubFactoryBase
- Parameters
stub_config (
vmware.vapi.bindings.stub.StubConfiguration
) – Stub config instance
com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters_client module¶
The
com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters_client
module provides the Trust Authority Components.
Bases:
vmware.vapi.bindings.stub.VapiInterface
The
ConsumerPrincipals
class configures the token policies and STS trust necessary for the workload vCenter to query the trusted services for their status. This class was added in vSphere API 7.0.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ConsumerPrincipals.CreateSpec
class contains the information necessary to establish trust between a workload vCenter and a Trust Authority Host. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
certificates (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The certificates used by the vCenter STS to sign tokens. This attribute was added in vSphere API 7.0.0.issuer_alias (
str
) – A user-friendly alias of the service which created and signed the security token. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
.issuer (
str
) – The service which created and signed the security token. This attribute was added in vSphere API 7.0.0.principal (
com.vmware.vcenter.trusted_infrastructure_client.StsPrincipal
) – The principal used by the vCenter to retrieve tokens. This attribute was added in vSphere API 7.0.0.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ConsumerPrincipals.FilterSpec
class contains data which identifies a connection profile on the trusted vCenter. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
id (
set
ofstr
orNone
) – The unqiue identifier of a connection profile. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:com.vmware.esx.authentication.clientprofile
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:com.vmware.esx.authentication.clientprofile
. If None, no filtration will be performed by ID.principals (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.StsPrincipal
orNone
) – The principal used by the vCenter to retrieve tokens. This attribute was added in vSphere API 7.0.0. If None, no filtration will be performed by principals.issuer (
set
ofstr
orNone
) – The service which created and signed the security token. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
. If None, no filtration will be performed by issuer.
Bases:
vmware.vapi.bindings.enum.Enum
The
ConsumerPrincipals.Health
class defines the possible health states. This enumeration was added in vSphere API 7.0.0.Note
This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.
- Parameters
string (
str
) – String value for theHealth
instance.
Error. Not healthy. This class attribute was added in vSphere API 7.0.0.
None. No status available. This class attribute was added in vSphere API 7.0.0.
OK. Health is normal. This class attribute was added in vSphere API 7.0.0.
Warning. Health is normal, however there is an issue that requires attention. This class attribute was added in vSphere API 7.0.0.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ConsumerPrincipals.Info
class contains the information necessary to establish trust between a workload vCenter and a Trust Authority Host. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
id (
str
) – The unqiue identifier of a connection profile. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.esx.authentication.clientprofile
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.esx.authentication.clientprofile
.principal (
com.vmware.vcenter.trusted_infrastructure_client.StsPrincipal
) – The principal used by the vCenter to retrieve tokens. Currently this is the vCenter solution user. This attribute was added in vSphere API 7.0.0.issuer_alias (
str
) – A user-friendly alias of the service which created and signed the security token. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
.issuer (
str
) – The service which created and signed the security token. This attribute was added in vSphere API 7.0.0.certificates (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The certificates used by the vCenter STS to sign tokens. This attribute was added in vSphere API 7.0.0.health (
ConsumerPrincipals.Health
) – The consistency of the profile across the hosts in the cluster. This attribute was added in vSphere API 7.0.0.message (
com.vmware.vapi.std_client.LocalizableMessage
orNone
) – A localizable message describing the health of the profile. This attribute was added in vSphere API 7.0.0. If None, the certificates won’t be updated.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ConsumerPrincipals.Summary
class contains a summary of the information necessary to establish trust between a workload vCenter and a Trust Authority Host. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
id (
str
) – The unqiue identifier of a connection profile. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.esx.authentication.clientprofile
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.esx.authentication.clientprofile
.principal (
com.vmware.vcenter.trusted_infrastructure_client.StsPrincipal
) – The principal used by the vCenter to retrieve tokens. Currently this is the vCenter solution user. This attribute was added in vSphere API 7.0.0.issuer_alias (
str
) – A user-friendly alias of the service which created and signed the security token. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.esx.authentication.trust.security-token-issuer
.issuer (
str
) – The service which created and signed the security token. This attribute was added in vSphere API 7.0.0.
Creates a profile with the specified connection information on all hosts from a Trust Authority Cluster. This method was added in vSphere API 7.0.0.
- Parameters
cluster (
str
) – The ID of the Trust Authority Cluster to configure. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
ConsumerPrincipals.CreateSpec
) – The CreateSpec specifying the connection information.
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.AlreadyExists
if a profile for the issuer already exists.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if there is no such cluster.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
Removes the read-only policy configured on ESX for a specific principal. This method was added in vSphere API 7.0.0.
- Parameters
cluster (
str
) – The ID of the Trust Authority Cluster to configure. The parameter must be an identifier for the resource type:ClusterComputeResource
.profile (
str
) – The ID of the connection profile to modify. The parameter must be an identifier for the resource type:com.vmware.esx.authentication.clientprofile
.
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if there is no profile configured with that ID.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
Retrieve information for a specific profile. This method was added in vSphere API 7.0.0.
- Parameters
cluster (
str
) – The ID of the Trust Authority Cluster on which the profile is configured. The parameter must be an identifier for the resource type:ClusterComputeResource
.profile (
str
) – The ID of the profile. The parameter must be an identifier for the resource type:com.vmware.esx.authentication.clientprofile
.
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if there is no profile configured with that ID.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
Lists all policies configured on a specific cluster. This method was added in vSphere API 7.0.0.
- Parameters
cluster (
str
) – The ID of the Trust Authority Cluster on which the profile is configured. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
ConsumerPrincipals.FilterSpec
orNone
) – A FilterSpec specifying the profiles to be listed. If {\@term.unset} return all policies.
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if there is no profile configured with that ID.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
Bases:
vmware.vapi.bindings.stub.StubFactoryBase
Initialize StubFactoryBase
- Parameters
stub_config (
vmware.vapi.bindings.stub.StubConfiguration
) – Stub config instance
com.vmware.vcenter.trusted_infrastructure.trust_authority_hosts_client module¶
The com.vmware.vcenter.trusted_infrastructure.trust_authority_hosts_client
module provides classes that provide information necessary to connect to the
hosts running the Trust Authority Components.
Bases:
vmware.vapi.bindings.stub.VapiInterface
The
Attestation
class contains information necessary to connect to the hosts running Attestation Service. This class was added in vSphere API 7.0.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Attestation.FilterSpec
class contains the data necessary for identifying a Attestation Service. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
hosts (
set
ofstr
orNone
) – A set of host IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:HostSystem
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:HostSystem
. If None, the services will not be filtered by the hosts on which they run.clusters (
set
ofstr
orNone
) – A set of cluster IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:ClusterComputeResource
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:ClusterComputeResource
. If None, the services will not be filtered by the clusters on which they run.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – The service’s address. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by address.groups (
set
ofstr
orNone
) – The group IDs determines which Attestation Service instances this Attestation Service can communicate with. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by groupId.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Attestation.Info
class contains all the stored information about a Attestation Service. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
host (
str
) – The trusted ESX on which the service runs. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:HostSystem
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:HostSystem
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.group (
str
) – The group ID determines which Attestation Service instances this Attestation Service can communicate with. This attribute was added in vSphere API 7.0.0.cluster (
str
) – The opaque string identifier of the cluster in which the Attestation Service is part of. This attribute was added in vSphere API 7.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Attestation.Summary
class contains all the stored information about a Attestation Service. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
summary_type (
Attestation.SummaryType
) – Defines the verbosity of the summary. This attribute was added in vSphere API 7.0.0.host (
str
) – The trusted ESX on which the service runs. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:HostSystem
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:HostSystem
. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofAttestation.SummaryType.BRIEF
,Attestation.SummaryType.NORMAL
, orAttestation.SummaryType.FULL
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofAttestation.SummaryType.BRIEF
,Attestation.SummaryType.NORMAL
, orAttestation.SummaryType.FULL
.group (
str
) – The group ID determines which Attestation Service instances this Attestation Service can communicate with. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofAttestation.SummaryType.NORMAL
orAttestation.SummaryType.FULL
.cluster (
str
) – The opaque string identifier of the cluster in which the Attestation Service is part of. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofAttestation.SummaryType.NORMAL
orAttestation.SummaryType.FULL
.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
isAttestation.SummaryType.FULL
.
Bases:
vmware.vapi.bindings.enum.Enum
The connection information could include the certificates or be a shorter summary. This enumeration was added in vSphere API 7.0.0.
Note
This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.
- Parameters
string (
str
) – String value for theSummaryType
instance.
A brief summary, containing only the hostname for the Attestation Service. This class attribute was added in vSphere API 7.0.0.
The full connection information, including certificates. This class attribute was added in vSphere API 7.0.0.
A summary containing only the hostname, port, and the group ID which determines the Attestation Services this Attestation Service can communicate with. This class attribute was added in vSphere API 7.0.0.
Returns the connection info about the Attestation Service running on the specified host. This method was added in vSphere API 7.0.0.
- Parameters
host (
str
) – \@{link com.vmware.vcenter.Host} id. The parameter must be an identifier for the resource type:HostSystem
.- Return type
- Returns
The
Attestation.Info
instance which contains the information necessary to connect to the Attestation Service.- Raise
com.vmware.vapi.std.errors_client.Error
if service’s TLS certificate chain is not valid.- Raise
com.vmware.vapi.std.errors_client.NotFound
ifhost
doesn’t match to any Host.- Raise
com.vmware.vapi.std.errors_client.ResourceInaccessible
if connection tohost
failed.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
HostSystem
referenced by the parameterhost
requiresSystem.View
.
Returns a list of the hosts running a Attestation Service matching the specified
Attestation.FilterSpec
. This method was added in vSphere API 7.0.0.- Parameters
spec (
Attestation.FilterSpec
orNone
) – Return details about Attestation Services matching the filter. If {\@term.unset} return all registered Attestation Services.projection (
Attestation.SummaryType
orNone
) – The type of the returned summary - brief, normal, or full. If {\@term.unset} a normal projection will be used.
- Return type
- Returns
List of
Attestation.Summary
of Attestation Services.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the response data will exceed the message limit.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
HostSystem
referenced by the attributeAttestation.FilterSpec.hosts
requiresSystem.View
.The resource
ClusterComputeResource
referenced by the attributeAttestation.FilterSpec.clusters
requiresSystem.View
.
Bases:
vmware.vapi.bindings.stub.VapiInterface
The
Kms
class contains information necessary to connect to the hosts running Key Provider Service. This class was added in vSphere API 7.0.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Kms.FilterSpec
class contains the data necessary for identifying a Key Provider Service. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
hosts (
set
ofstr
orNone
) – A set of host IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:HostSystem
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:HostSystem
. If None, the services will not be filtered by the hosts on which they run.clusters (
set
ofstr
orNone
) – A set of cluster IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:ClusterComputeResource
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:ClusterComputeResource
. If None, the services will not be filtered by the clusters on which they run.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – The service’s address. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by address.groups (
set
ofstr
orNone
) – The group determines reports issued by which Attestation Service instances this Key Provider Service can accept. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by groupId.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Kms.Info
class contains all the stored information about a Key Provider Service. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
host (
str
) – The trusted ESX on which the service runs. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:HostSystem
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:HostSystem
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.group (
str
) – The group ID determines which Attestation Service instances this Key Provider Service can communicate with. This attribute was added in vSphere API 7.0.0.cluster (
str
) – The opaque string identifier of the cluster in which the Key Provider Service is part of. This attribute was added in vSphere API 7.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.
Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Kms.Summary
class contains all the stored information about a Key Provider Service. This class was added in vSphere API 7.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
summary_type (
Kms.SummaryType
) – Defines the verbosity of the summary. This attribute was added in vSphere API 7.0.0.host (
str
) – The trusted ESX on which the service runs. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:HostSystem
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:HostSystem
. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofKms.SummaryType.BRIEF
,Kms.SummaryType.NORMAL
, orKms.SummaryType.FULL
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofKms.SummaryType.BRIEF
,Kms.SummaryType.NORMAL
, orKms.SummaryType.FULL
.group (
str
) – The group ID determines which Attestation Service instances this Key Provider Service can communicate with. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofKms.SummaryType.NORMAL
orKms.SummaryType.FULL
.cluster (
str
) – The opaque string identifier of the cluster in which the Key Provider Service is part of. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
is one ofKms.SummaryType.NORMAL
orKms.SummaryType.FULL
.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value ofsummaryType
isKms.SummaryType.FULL
.
Bases:
vmware.vapi.bindings.enum.Enum
The connection information could include the certificates or be a shorter summary. This enumeration was added in vSphere API 7.0.0.
Note
This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.
- Parameters
string (
str
) – String value for theSummaryType
instance.
A brief summary, containing only the hostname for the Key Provider Service. This class attribute was added in vSphere API 7.0.0.
The full connection information, including certificates. This class attribute was added in vSphere API 7.0.0.
A summary containing only the hostname, port, and the group which determines the Attestation Services this Key Provider Service can communicate with. This class attribute was added in vSphere API 7.0.0.
Returns the connection info about the Key Provider Service running on the specified host. This method was added in vSphere API 7.0.0.
- Parameters
host (
str
) – \@{link com.vmware.vcenter.Host} id. The parameter must be an identifier for the resource type:HostSystem
.- Return type
- Returns
The
Kms.Info
instance which contains the information necessary to connect to the Key Provider Service.- Raise
com.vmware.vapi.std.errors_client.Error
if service’s TLS certificate chain is not valid.- Raise
com.vmware.vapi.std.errors_client.NotFound
ifhost
doesn’t match to any Host.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.ResourceInaccessible
if connection tohost
failed.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
HostSystem
referenced by the parameterhost
requiresSystem.View
.
Returns a list of the hosts running a Key Provider Service matching the specified
Kms.FilterSpec
. This method was added in vSphere API 7.0.0.- Parameters
spec (
Kms.FilterSpec
orNone
) – Return details about Key Provider Services matching the filter. If {\@term.unset} return all registered Key Provider Services.projection (
Kms.SummaryType
orNone
) – The type of the returned summary - brief, normal, or full. If {\@term.unset} a normal projection will be used.
- Return type
list
ofKms.Summary
- Returns
List of
Kms.Summary
of Key Provider Services.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the response data will exceed the message limit.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
HostSystem
referenced by the attributeKms.FilterSpec.hosts
requiresSystem.View
.The resource
ClusterComputeResource
referenced by the attributeKms.FilterSpec.clusters
requiresSystem.View
.
Bases:
vmware.vapi.bindings.stub.StubFactoryBase
Initialize StubFactoryBase
- Parameters
stub_config (
vmware.vapi.bindings.stub.StubConfiguration
) – Stub config instance