com.vmware.vcenter.trusted_infrastructure.trusted_clusters package

Submodules

com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client module

The com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client module provides classes for configuring Attestation Services for Trusted Clusters.

class com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client.Services(config)

Bases: vmware.vapi.bindings.stub.VapiInterface

The Services class manages the Attestation Service instances a Trusted Cluster is configured to use. This class was added in vSphere API 7.0.0.

Parameters

config (vmware.vapi.bindings.stub.StubConfiguration) – Configuration to be used for creating the stub.

class CreateSpec(type=None, service=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.CreateSpec class contains the data necessary for configuring a registered Attestation Service instance with a cluster in the environment. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • type (Services.CreateSpec.SourceType) – Source of truth for the configuration of the Attestation Service. This attribute was added in vSphere API 7.0.0.

  • service (str) – The service’s unique ID. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service. This attribute is optional and it is only relevant when the value of type is Services.CreateSpec.SourceType.SERVICE.

  • trust_authority_cluster (str) – The attestation cluster’s unique ID. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value of type is Services.CreateSpec.SourceType.CLUSTER.

class SourceType(string)

Bases: vmware.vapi.bindings.enum.Enum

The Services.CreateSpec.SourceType class specifies the source of truth the Attestation Service will use for its configuration. This enumeration was added in vSphere API 7.0.0.

Note

This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.

Parameters

string (str) – String value for the SourceType instance.

CLUSTER = SourceType(string='CLUSTER')

The Attestation Service will be configured based on an ID of a whole attestation cluster. This class attribute was added in vSphere API 7.0.0.

SERVICE = SourceType(string='SERVICE')

The Attestation Service will be configured based on an ID of an specific Attestation Service. This class attribute was added in vSphere API 7.0.0.

class FilterSpec(services=None, address=None, group=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.FilterSpec class contains the data necessary for identifying a Attestation service instance. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • services (set of str or None) – A set of IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service. If None, the services will not be filtered by ID.

  • address (list of com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress or None) – The service’s address. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by address.

  • group (set of str or None) – The group specifies the Key Provider Service instances can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by group.

  • trust_authority_cluster (set of str or None) – The cluster specifies the Trust Authority Cluster this Attestation Service instance belongs to. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by trustAuthorityCluster.

class Info(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.Info class contains all the stored information about a registered Attestation Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • address (com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress) – The service’s address. This attribute was added in vSphere API 7.0.0.

  • trusted_ca (com.vmware.vcenter.trusted_infrastructure_client.X509CertChain) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.

  • group (str) – The group determines the Key Provider Service instances can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.

  • trust_authority_cluster (str) – The cluster specifies the Trust Authority Cluster this Attestation Service belongs to. This attribute was added in vSphere API 7.0.0.

class Summary(service=None, address=None, group=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.Summary class contains basic information about a registered Attestation Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • service (str) – The service’s unique identifier. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service.

  • address (com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress) – The service’s address. This attribute was added in vSphere API 7.0.0.

  • group (str) – The group specifies the Key Provider Service instances can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.

  • trust_authority_cluster (str) – The cluster specifies the Trust Authority Cluster this Attestation Service belongs to. This attribute was added in vSphere API 7.0.0.

create_task(cluster, spec)

Configures the cluster to use a the given registered Attestation Service. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – The ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • spec (Services.CreateSpec) – Describes the registered instance of the Attestation Service

Return type

class

vmware.vapi.stdlib.client.task.Task

Returns

Task instance

Raise

com.vmware.vapi.std.errors_client.AlreadyExists if the Attestation Service is already configured for this cluster

Raise

com.vmware.vapi.std.errors_client.Error for any other error.

Raise

com.vmware.vapi.std.errors_client.InvalidArgument if the CreateSpec is not valid.

Raise

com.vmware.vapi.std.errors_client.NotFound if the cluster ID is not valid.

Raise

com.vmware.vapi.std.errors_client.UnableToAllocateResource if all the hosts in the cluster do not have VMware vSphere Trust Authority enabled license.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

delete_task(cluster, service)

Removes the Attestation Service instance from the configuration of the given cluster. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – the unique ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • service (str) – the registered Attestation Service instance unique identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service.

Raise

com.vmware.vapi.std.errors_client.Error if there is a generic error.

Raise

com.vmware.vapi.std.errors_client.NotFound if the Attestation Service instance or the cluster are not found.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

get(cluster, service)

Returns detailed information about the given registered Attestation Service instance that is configured for the given cluster. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – The ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • service (str) – The ID of the service. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.attestation.Service.

Return type

Services.Info

Returns

Detailed information about the specified Attestation Service configured for the given cluster.

Raise

com.vmware.vapi.std.errors_client.Error if there is a generic error.

Raise

com.vmware.vapi.std.errors_client.NotFound if the cluster or the service ID is invalid.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

Raise

com.vmware.vapi.std.errors_client.Unauthorized if you do not have all of the privileges described as follows:

  • Method execution requires TrustedAdmin.ReadTrustedHosts.

  • The resource ClusterComputeResource referenced by the parameter cluster requires System.View.

list(cluster, spec=None)

Returns the basic information about all configured Attestation Service instances used by this cluster. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – The ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • spec (Services.FilterSpec or None) – Only return services matching the filters. If {\@term.unset} return all services.

Return type

list of Services.Summary

Returns

Basic information about all configured Attestation Service instances used by this cluster.

Raise

com.vmware.vapi.std.errors_client.Error if there is a generic error.

Raise

com.vmware.vapi.std.errors_client.NotFound if the cluster ID is invalid.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

Raise

com.vmware.vapi.std.errors_client.Unauthorized if you do not have all of the privileges described as follows:

  • Method execution requires TrustedAdmin.ReadTrustedHosts.

  • The resource ClusterComputeResource referenced by the parameter cluster requires System.View.

class com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client.StubFactory(stub_config)

Bases: vmware.vapi.bindings.stub.StubFactoryBase

Initialize StubFactoryBase

Parameters

stub_config (vmware.vapi.bindings.stub.StubConfiguration) – Stub config instance

com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client module

The com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client module provides classes for configuring Key Provider Services for Trusted Clusters.

class com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client.Services(config)

Bases: vmware.vapi.bindings.stub.VapiInterface

The Services class manages the Key Provider Service instances a Trusted Cluster is configured to use. This class was added in vSphere API 7.0.0.

Parameters

config (vmware.vapi.bindings.stub.StubConfiguration) – Configuration to be used for creating the stub.

class CreateSpec(type=None, service=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.CreateSpec class contains the data necessary for configuring a registered Key Provider Service instance with a cluster in the environment. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • type (Services.CreateSpec.SourceType) – Source of truth for the configuration of the Key Provider Service. This attribute was added in vSphere API 7.0.0.

  • service (str) – The service’s unique ID. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service. This attribute is optional and it is only relevant when the value of type is Services.CreateSpec.SourceType.SERVICE.

  • trust_authority_cluster (str) – The attestation cluster’s unique ID. This attribute was added in vSphere API 7.0.0. This attribute is optional and it is only relevant when the value of type is Services.CreateSpec.SourceType.CLUSTER.

class SourceType(string)

Bases: vmware.vapi.bindings.enum.Enum

The Services.CreateSpec.SourceType class specifies source of truth the Key Provider Service will use for its configuration. This enumeration was added in vSphere API 7.0.0.

Note

This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.

Parameters

string (str) – String value for the SourceType instance.

CLUSTER = SourceType(string='CLUSTER')

The Key Provider Service will be configured based on an ID of a whole attestation cluster. This class attribute was added in vSphere API 7.0.0.

SERVICE = SourceType(string='SERVICE')

The Key Provider Service will be configured based on an ID of an specific Key Provider Service. This class attribute was added in vSphere API 7.0.0.

class FilterSpec(services=None, address=None, group=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.FilterSpec class contains the data necessary for identifying a Key Provider service instance. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • services (set of str or None) – A set of IDs by which to filter the services. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service. If None, the services will not be filtered by ID.

  • address (list of com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress or None) – The service’s address. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by address.

  • group (set of str or None) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by group.

  • trust_authority_cluster (set of str or None) – The cluster specifies the Trust Authority Cluster this Key Provider Service instance belongs to. This attribute was added in vSphere API 7.0.0. If None, the services will not be filtered by trustAuthorityCluster.

class Info(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.Info class contains all the stored information about a registered Key Provider Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • address (com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress) – The service’s address. This attribute was added in vSphere API 7.0.0.

  • trusted_ca (com.vmware.vcenter.trusted_infrastructure_client.X509CertChain) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.

  • group (str) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0.

  • trust_authority_cluster (str) – The cluster specifies the Trust Authority Cluster this Key Provider Service belongs to. This attribute was added in vSphere API 7.0.0.

class Summary(service=None, address=None, group=None, trust_authority_cluster=None)

Bases: vmware.vapi.bindings.struct.VapiStruct

The Services.Summary class contains basic information about a registered Key Provider Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters

  • service (str) – The service’s unique identifier. This attribute was added in vSphere API 7.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service.

  • address (com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress) – The service’s address. This attribute was added in vSphere API 7.0.0.

  • group (str) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0.

  • trust_authority_cluster (str) – The cluster specifies the Trust Authority Cluster this Key Provider Service belongs to. This attribute was added in vSphere API 7.0.0.

create_task(cluster, spec)

Configures the cluster to use a the given registered Key Provider Service. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – The ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • spec (Services.CreateSpec) – Describes the registered instance of the Key Provider Service

Return type

class

vmware.vapi.stdlib.client.task.Task

Returns

Task instance

Raise

com.vmware.vapi.std.errors_client.AlreadyExists if the Key Provider Service is already configured for this cluster

Raise

com.vmware.vapi.std.errors_client.Error for any other error.

Raise

com.vmware.vapi.std.errors_client.InvalidArgument if the CreateSpec is not valid.

Raise

com.vmware.vapi.std.errors_client.NotFound if the cluster ID is not valid.

Raise

com.vmware.vapi.std.errors_client.UnableToAllocateResource if all the hosts in the cluster do not have VMware vSphere Trust Authority enabled license.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

delete_task(cluster, service)

Removes the Key Provider Service instance from the configuration of the given cluster. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – the unique ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • service (str) – the registered Key Provider Service instance unique identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service.

Raise

com.vmware.vapi.std.errors_client.Error if there is a generic error.

Raise

com.vmware.vapi.std.errors_client.NotFound if the Key Provider Service instance or the cluster are not found.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

get(cluster, service)

Returns detailed information about the given Key Provider Service instance used by the given cluster. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – The ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • service (str) – The ID of the service. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service.

Return type

Services.Info

Returns

Detailed information about the given Key Provider Service instance used by the given cluster.

Raise

com.vmware.vapi.std.errors_client.Error if there is a generic error.

Raise

com.vmware.vapi.std.errors_client.NotFound if the cluster or the service ID is invalid.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

Raise

com.vmware.vapi.std.errors_client.Unauthorized if you do not have all of the privileges described as follows:

  • Method execution requires TrustedAdmin.ReadTrustedHosts.

  • The resource ClusterComputeResource referenced by the parameter cluster requires System.View.

list(cluster, spec=None)

Returns basic information about all configured Key Provider Service instances used by this cluster. This method was added in vSphere API 7.0.0.

Parameters

  • cluster (str) – The ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.

  • spec (Services.FilterSpec or None) – Only return services matching the filters. If {\@term.unset} return all services.

Return type

list of Services.Summary

Returns

basic information about all configured Key Provider Service instances used by this cluster

Raise

com.vmware.vapi.std.errors_client.Error if there is a generic error.

Raise

com.vmware.vapi.std.errors_client.NotFound if the cluster ID is invalid.

Raise

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

Raise

com.vmware.vapi.std.errors_client.Unauthorized if you do not have all of the privileges described as follows:

  • Method execution requires TrustedAdmin.ReadTrustedHosts.

  • The resource ClusterComputeResource referenced by the parameter cluster requires System.View.

class com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client.StubFactory(stub_config)

Bases: vmware.vapi.bindings.stub.StubFactoryBase

Initialize StubFactoryBase

Parameters

stub_config (vmware.vapi.bindings.stub.StubConfiguration) – Stub config instance