com.vmware.vcenter.trusted_infrastructure.trusted_clusters package¶
Submodules¶
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client module¶
The
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client
module provides classes for configuring Attestation Services for Trusted
Clusters.
-
class
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client.
Services
(config)¶ Bases:
vmware.vapi.bindings.stub.VapiInterface
The
Services
class manages the Attestation Service instances a Trusted Cluster is configured to use. This class was added in vSphere API 7.0.0.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
-
class
CreateSpec
(type=None, service=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.CreateSpec
class contains the data necessary for configuring a registered Attestation Service instance with a cluster in the environment. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
type (
Services.CreateSpec.SourceType
) – Source of truth for the configuration of the Attestation Service. This attribute was added in vSphere API 7.0.0.0.service (
str
) – The service’s unique ID. This attribute was added in vSphere API 7.0.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. This attribute is optional and it is only relevant when the value oftype
isServices.CreateSpec.SourceType.SERVICE
.trust_authority_cluster (
str
) – The attestation cluster’s unique ID. This attribute was added in vSphere API 7.0.0.0. This attribute is optional and it is only relevant when the value oftype
isServices.CreateSpec.SourceType.CLUSTER
.
-
class
SourceType
(string)¶ Bases:
vmware.vapi.bindings.enum.Enum
The
Services.CreateSpec.SourceType
class specifies the source of truth the Attestation Service will use for its configuration. This enumeration was added in vSphere API 7.0.0.0.Note
This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.
- Parameters
string (
str
) – String value for theSourceType
instance.
-
CLUSTER
= SourceType(string='CLUSTER')¶ The Attestation Service will be configured based on an ID of a whole attestation cluster. This class attribute was added in vSphere API 7.0.0.0.
-
SERVICE
= SourceType(string='SERVICE')¶ The Attestation Service will be configured based on an ID of an specific Attestation Service. This class attribute was added in vSphere API 7.0.0.0.
-
class
FilterSpec
(services=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.FilterSpec
class contains the data necessary for identifying a Attestation service instance. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
services (
set
ofstr
orNone
) – A set of IDs by which to filter the services. This attribute was added in vSphere API 7.0.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. If None, the services will not be filtered by ID.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – The service’s address. This attribute was added in vSphere API 7.0.0.0. If None, the services will not be filtered by address.group (
set
ofstr
orNone
) – The group specifies the Key Provider Service instances can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.0. If None, the services will not be filtered by group.trust_authority_cluster (
set
ofstr
orNone
) – The cluster specifies the Trust Authority Cluster this Attestation Service instance belongs to. This attribute was added in vSphere API 7.0.0.0. If None, the services will not be filtered by trustAuthorityCluster.
-
class
Info
(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Info
class contains all the stored information about a registered Attestation Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.0.group (
str
) – The group determines the Key Provider Service instances can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Attestation Service belongs to. This attribute was added in vSphere API 7.0.0.0.
-
class
Summary
(service=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Summary
class contains basic information about a registered Attestation Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
service (
str
) – The service’s unique identifier. This attribute was added in vSphere API 7.0.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.0.group (
str
) – The group specifies the Key Provider Service instances can accept reports issued by this Attestation Service instance. This attribute was added in vSphere API 7.0.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Attestation Service belongs to. This attribute was added in vSphere API 7.0.0.0.
-
create_task
(cluster, spec)¶ Configures the cluster to use a the given registered Attestation Service. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – The ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
Services.CreateSpec
) – Describes the registered instance of the Attestation Service
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.AlreadyExists
if the Attestation Service is already configured for this cluster- Raise
com.vmware.vapi.std.errors_client.Error
for any other error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the CreateSpec is not valid.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the cluster ID is not valid.- Raise
com.vmware.vapi.std.errors_client.UnableToAllocateResource
if all the hosts in the cluster do not have VMware vSphere Trust Authority enabled license.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
-
delete_task
(cluster, service)¶ Removes the Attestation Service instance from the configuration of the given cluster. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – the unique ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.service (
str
) – the registered Attestation Service instance unique identifier. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
.
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the Attestation Service instance or the cluster are not found.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
-
get
(cluster, service)¶ Returns detailed information about the given registered Attestation Service instance that is configured for the given cluster. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – The ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.service (
str
) – The ID of the service. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
.
- Return type
- Returns
Detailed information about the specified Attestation Service configured for the given cluster.
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the cluster or the service ID is invalid.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
ClusterComputeResource
referenced by the parametercluster
requiresSystem.View
.
-
list
(cluster, spec=None)¶ Returns the basic information about all configured Attestation Service instances used by this cluster. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – The ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
Services.FilterSpec
orNone
) – Only return services matching the filters. If {\@term.unset} return all services.
- Return type
- Returns
Basic information about all configured Attestation Service instances used by this cluster.
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the cluster ID is invalid.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
ClusterComputeResource
referenced by the parametercluster
requiresSystem.View
.
-
class
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client.
ServicesAppliedConfig
(config)¶ Bases:
vmware.vapi.bindings.stub.VapiInterface
The
ServicesAppliedConfig
class provides information about the aggregate health of the applied Attestation Service configuration on the Trusted Clusters. The desired state of the Attestation Service is stored within vCenter, while the applied configuration is stored on the hosts in the cluster. TheServicesAppliedConfig
class is available for all clusters, not only Trusted Clusters. In such cases empty desired state is assumed, e.g. when an applied Attestation Service configuration is found outside of a Trusted Cluster it is considered anServicesAppliedConfig.Health.ERROR
. TheServicesAppliedConfig
class is able to put the applied Attestation Service configuration into a consistent state when individual host configurations have diverged from the desired state. This class was added in vSphere API 7.0.1.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
-
class
FilterSpec
(health=None, address=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ServicesAppliedConfig.FilterSpec
class specifies the matching criteria to be applied when filtering outServicesAppliedConfig.Summary
structures from the collection returned by the list method. OnlyServicesAppliedConfig.Summary
structures containing the values specified in this structure will be returned from the list method. If multiple members of the filter spec are set, all of them must match for a result to be filtered out and returned. This class was added in vSphere API 7.0.1.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
health (
set
ofServicesAppliedConfig.Health
orNone
) – The health of the applied Attestation Service configuration. This attribute was added in vSphere API 7.0.1.0. If None, no filtration will be performed by health.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – The network address of the Attestation Service configured for use in the Trusted Cluster. This attribute was added in vSphere API 7.0.1.0. If None, no filtration will be performed by network address.
-
class
Health
(string)¶ Bases:
vmware.vapi.bindings.enum.Enum
The
ServicesAppliedConfig.Health
class is an indicator for the consistency of the applied Attestation Service configuration in a cluster with respect to the desired state. This enumeration was added in vSphere API 7.0.1.0.Note
This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.
- Parameters
string (
str
) – String value for theHealth
instance.
-
ERROR
= Health(string='ERROR')¶ The applied Attestation Service configuration has diverged from the desired state. This class attribute was added in vSphere API 7.0.1.0.
-
NONE
= Health(string='NONE')¶ The consistency of the applied configuration is unknown. This class attribute was added in vSphere API 7.0.1.0.
-
OK
= Health(string='OK')¶ The applied Attestation Service configuration is consistent with the desired state. This class attribute was added in vSphere API 7.0.1.0.
-
class
Info
(health=None, address=None, service=None, groups=None, trustedc_as=None, details=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ServicesAppliedConfig.Info
class contains detailed information about an applied Attestation Service configuration in a Trusted cluster. This class was added in vSphere API 7.0.1.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
health (
ServicesAppliedConfig.Health
) – A health value which indicates whether the configuration applied to the cluster differs from the desired state. This attribute was added in vSphere API 7.0.1.0.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The network address of the Attestation Service configured for use in the Trusted Cluster. This attribute was added in vSphere API 7.0.1.0.service (
str
orNone
) – The unique identifier of an Attestation Service configuration from the desired state. This attribute was added in vSphere API 7.0.1.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. If None, this Attestation Service is not registered within this vCenter and thus the applied configuration is not present in the desired state.groups (
set
ofstr
) – The set of distinct groups found on the hosts in the cluster which differ from the desired state. This attribute was added in vSphere API 7.0.1.0.trustedc_as (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – A list of distinct trusted CA chains found on the hosts in the cluster which differ from the desired state. This attribute was added in vSphere API 7.0.1.0.details (
list
ofcom.vmware.vapi.std_client.LocalizableMessage
) – Details regarding the health. When theServicesAppliedConfig.Health
is notServicesAppliedConfig.Health.OK
, this member will provide a detailed description of the issues present. This attribute was added in vSphere API 7.0.1.0.
-
class
Summary
(health=None, address=None, service=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ServicesAppliedConfig.Summary
class contains basic information about the aggregated health status for a service. This class was added in vSphere API 7.0.1.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
health (
ServicesAppliedConfig.Health
) – The health value indicates whether the configuration applied to the cluster differs from the desired state. This attribute was added in vSphere API 7.0.1.0.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The network address of the Attestation Service configured for use in the Trusted Cluster. This attribute was added in vSphere API 7.0.1.0.service (
str
orNone
) – The unique identifier of an Attestation Service configuration from the desired state. This attribute was added in vSphere API 7.0.1.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.attestation.Service
. If None, this Attestation Service is not registered within this vCenter and thus the applied configuration is not present in the desired state.
-
delete_task
(cluster)¶ Delete the Attestation Service configuration that has been applied to the given cluster. This method has no affect on the desired state, it only removes applied Attestation Service configuration from any Trusted Hosts within the given cluster. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty.- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if there are ongoing mutating operations.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
get_task
(cluster, address)¶ Returns detailed information about the health of the specified Attestation Service configuration applied to the cluster with respect to the desired state. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The network address of the Attestation Service instance.
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty.- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter or if no service corresponding to the given address is found.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
list_task
(cluster, spec=None)¶ Returns basic information about the health of all Attestation Service configurations applied to the cluster with respect to the desired state. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
ServicesAppliedConfig.FilterSpec
orNone
) – The specification for the subset of results desired to be returned. If {\@term.unset} all results are returned.
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty.- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if there are ongoing mutating operations.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
update_task
(cluster)¶ Update the applied Attestation Service configuration on the given Trusted Cluster to be consistent with the desired state. This method has no affect on the desired state, apart from it being used as a reference point for the remediation. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the Trusted Cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if there are ongoing mutating operations.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
class
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation_client.
StubFactory
(stub_config)¶ Bases:
vmware.vapi.bindings.stub.StubFactoryBase
Initialize StubFactoryBase
- Parameters
stub_config (
vmware.vapi.bindings.stub.StubConfiguration
) – Stub config instance
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client module¶
The com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client
module provides classes for configuring Key Provider Services for Trusted
Clusters.
-
class
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client.
Services
(config)¶ Bases:
vmware.vapi.bindings.stub.VapiInterface
The
Services
class manages the Key Provider Service instances a Trusted Cluster is configured to use. This class was added in vSphere API 7.0.0.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
-
class
CreateSpec
(type=None, service=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.CreateSpec
class contains the data necessary for configuring a registered Key Provider Service instance with a cluster in the environment. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
type (
Services.CreateSpec.SourceType
) – Source of truth for the configuration of the Key Provider Service. This attribute was added in vSphere API 7.0.0.0.service (
str
) – The service’s unique ID. This attribute was added in vSphere API 7.0.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. This attribute is optional and it is only relevant when the value oftype
isServices.CreateSpec.SourceType.SERVICE
.trust_authority_cluster (
str
) – The attestation cluster’s unique ID. This attribute was added in vSphere API 7.0.0.0. This attribute is optional and it is only relevant when the value oftype
isServices.CreateSpec.SourceType.CLUSTER
.
-
class
SourceType
(string)¶ Bases:
vmware.vapi.bindings.enum.Enum
The
Services.CreateSpec.SourceType
class specifies source of truth the Key Provider Service will use for its configuration. This enumeration was added in vSphere API 7.0.0.0.Note
This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.
- Parameters
string (
str
) – String value for theSourceType
instance.
-
CLUSTER
= SourceType(string='CLUSTER')¶ The Key Provider Service will be configured based on an ID of a whole attestation cluster. This class attribute was added in vSphere API 7.0.0.0.
-
SERVICE
= SourceType(string='SERVICE')¶ The Key Provider Service will be configured based on an ID of an specific Key Provider Service. This class attribute was added in vSphere API 7.0.0.0.
-
class
FilterSpec
(services=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.FilterSpec
class contains the data necessary for identifying a Key Provider service instance. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
services (
set
ofstr
orNone
) – A set of IDs by which to filter the services. This attribute was added in vSphere API 7.0.0.0. When clients pass a value of this class as a parameter, the attribute must contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. When methods return a value of this class as a return value, the attribute will contain identifiers for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. If None, the services will not be filtered by ID.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – The service’s address. This attribute was added in vSphere API 7.0.0.0. If None, the services will not be filtered by address.group (
set
ofstr
orNone
) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0.0. If None, the services will not be filtered by group.trust_authority_cluster (
set
ofstr
orNone
) – The cluster specifies the Trust Authority Cluster this Key Provider Service instance belongs to. This attribute was added in vSphere API 7.0.0.0. If None, the services will not be filtered by trustAuthorityCluster.
-
class
Info
(address=None, trusted_ca=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Info
class contains all the stored information about a registered Key Provider Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.0.trusted_ca (
com.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – The service’s TLS certificate chain. This attribute was added in vSphere API 7.0.0.0.group (
str
) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Key Provider Service belongs to. This attribute was added in vSphere API 7.0.0.0.
-
class
Summary
(service=None, address=None, group=None, trust_authority_cluster=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
Services.Summary
class contains basic information about a registered Key Provider Service instance that is configured for a cluster. This class was added in vSphere API 7.0.0.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
service (
str
) – The service’s unique identifier. This attribute was added in vSphere API 7.0.0.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The service’s address. This attribute was added in vSphere API 7.0.0.0.group (
str
) – The group determines the Attestation Service instances this Key Provider Service can accept reports from. This attribute was added in vSphere API 7.0.0.0.trust_authority_cluster (
str
) – The cluster specifies the Trust Authority Cluster this Key Provider Service belongs to. This attribute was added in vSphere API 7.0.0.0.
-
create_task
(cluster, spec)¶ Configures the cluster to use a the given registered Key Provider Service. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – The ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
Services.CreateSpec
) – Describes the registered instance of the Key Provider Service
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.AlreadyExists
if the Key Provider Service is already configured for this cluster- Raise
com.vmware.vapi.std.errors_client.Error
for any other error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the CreateSpec is not valid.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the cluster ID is not valid.- Raise
com.vmware.vapi.std.errors_client.UnableToAllocateResource
if all the hosts in the cluster do not have VMware vSphere Trust Authority enabled license.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
-
delete_task
(cluster, service)¶ Removes the Key Provider Service instance from the configuration of the given cluster. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – the unique ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.service (
str
) – the registered Key Provider Service instance unique identifier. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
.
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the Key Provider Service instance or the cluster are not found.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.
-
get
(cluster, service)¶ Returns detailed information about the given Key Provider Service instance used by the given cluster. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – The ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.service (
str
) – The ID of the service. The parameter must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
.
- Return type
- Returns
Detailed information about the given Key Provider Service instance used by the given cluster.
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the cluster or the service ID is invalid.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
ClusterComputeResource
referenced by the parametercluster
requiresSystem.View
.
-
list
(cluster, spec=None)¶ Returns basic information about all configured Key Provider Service instances used by this cluster. This method was added in vSphere API 7.0.0.0.
- Parameters
cluster (
str
) – The ID of the cluster. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
Services.FilterSpec
orNone
) – Only return services matching the filters. If {\@term.unset} return all services.
- Return type
- Returns
basic information about all configured Key Provider Service instances used by this cluster
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.NotFound
if the cluster ID is invalid.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the user can not be authenticated.- Raise
com.vmware.vapi.std.errors_client.Unauthorized
if you do not have all of the privileges described as follows:Method execution requires
TrustedAdmin.ReadTrustedHosts
.The resource
ClusterComputeResource
referenced by the parametercluster
requiresSystem.View
.
-
class
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client.
ServicesAppliedConfig
(config)¶ Bases:
vmware.vapi.bindings.stub.VapiInterface
The
ServicesAppliedConfig
class provides information about the aggregate health of the applied Key Provider Service configuration on the Trusted Clusters. The desired state of the Key Provider Service is stored within vCenter, while the applied configuration is stored on the hosts in the cluster. TheServicesAppliedConfig
class is available for all clusters, not only Trusted Clusters. In such cases empty desired state is assumed, e.g. when an applied Key Provider Service configuration is found outside of a Trusted Cluster it is considered anServicesAppliedConfig.Health.ERROR
. TheServicesAppliedConfig
class is able to put the applied Key Provider Service configuration into a consistent state when individual host configurations have diverged from the desired state. This class was added in vSphere API 7.0.1.0.- Parameters
config (
vmware.vapi.bindings.stub.StubConfiguration
) – Configuration to be used for creating the stub.
-
class
FilterSpec
(health=None, address=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ServicesAppliedConfig.FilterSpec
class specifies the matching criteria to be applied when filtering outServicesAppliedConfig.Summary
structures from the collection returned by the list method. OnlyServicesAppliedConfig.Summary
structures containing the values specified in this structure will be returned from the list method. If multiple members of the filter spec are set, all of them must match for a result to be filtered out and returned. This class was added in vSphere API 7.0.1.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
health (
set
ofServicesAppliedConfig.Health
orNone
) – The health of the applied Key Provider Service configuration. This attribute was added in vSphere API 7.0.1.0. If None, no filtration will be performed by health.address (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
orNone
) – The network address of the Key Provider Service configured for use in the Trusted Cluster. This attribute was added in vSphere API 7.0.1.0. If None, no filtration will be performed by network address.
-
class
Health
(string)¶ Bases:
vmware.vapi.bindings.enum.Enum
The
ServicesAppliedConfig.Health
class is an indicator for the consistency of the applied Key Provider Service configuration in a cluster with respect to the desired state. This enumeration was added in vSphere API 7.0.1.0.Note
This class represents an enumerated type in the interface language definition. The class contains class attributes which represent the values in the current version of the enumerated type. Newer versions of the enumerated type may contain new values. To use new values of the enumerated type in communication with a server that supports the newer version of the API, you instantiate this class. See enumerated type description page.
- Parameters
string (
str
) – String value for theHealth
instance.
-
ERROR
= Health(string='ERROR')¶ The applied Key Provider Service configuration has diverged from the desired state. This class attribute was added in vSphere API 7.0.1.0.
-
NONE
= Health(string='NONE')¶ The consistency of the applied configuration is unknown. This class attribute was added in vSphere API 7.0.1.0.
-
OK
= Health(string='OK')¶ The applied Key Provider Service configuration is consistent with the desired state. This class attribute was added in vSphere API 7.0.1.0.
-
class
Info
(health=None, address=None, service=None, groups=None, trustedc_as=None, details=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ServicesAppliedConfig.Info
class contains detailed information about an applied Key Provider Service configuration in a Trusted cluster. This class was added in vSphere API 7.0.1.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
health (
ServicesAppliedConfig.Health
) – A health value which indicates whether the configuration applied to the cluster differs from the desired state. This attribute was added in vSphere API 7.0.1.0.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The network address of the Key Provider Service configured for use in the Trusted Cluster. This attribute was added in vSphere API 7.0.1.0.service (
str
orNone
) – The unique identifier of a Key Provider Service configuration from the desired state. This attribute was added in vSphere API 7.0.1.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. If None, this Key Provider Service is not registered within this vCenter and thus the applied configuration is not present in the desired state.groups (
set
ofstr
) – The set of distinct groups found on the hosts in the cluster which differ from the desired state. This attribute was added in vSphere API 7.0.1.0.trustedc_as (
list
ofcom.vmware.vcenter.trusted_infrastructure_client.X509CertChain
) – A list of distinct trusted CA chains found on the hosts in the cluster which differ from the desired state. This attribute was added in vSphere API 7.0.1.0.details (
list
ofcom.vmware.vapi.std_client.LocalizableMessage
) – Details regarding the health. When theServicesAppliedConfig.Health
is notServicesAppliedConfig.Health.OK
, this member will provide a detailed description of the issues present. This attribute was added in vSphere API 7.0.1.0.
-
class
Summary
(health=None, address=None, service=None)¶ Bases:
vmware.vapi.bindings.struct.VapiStruct
The
ServicesAppliedConfig.Summary
class contains basic information about the aggregated health status for a service. This class was added in vSphere API 7.0.1.0.Tip
The arguments are used to initialize data attributes with the same names.
- Parameters
health (
ServicesAppliedConfig.Health
) – The health value indicates whether the configuration applied to the cluster differs from the desired state. This attribute was added in vSphere API 7.0.1.0.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The network address of the Key Provider Service configured for use in the Trusted Cluster. This attribute was added in vSphere API 7.0.1.0.service (
str
orNone
) – The unique identifier of a Key Provider Service configuration from the desired state. This attribute was added in vSphere API 7.0.1.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type:com.vmware.vcenter.trusted_infrastructure.kms.Service
. If None, this Key Provider Service is not registered within this vCenter and thus the applied configuration is not present in the desired state.
-
delete_task
(cluster)¶ Delete the Key Provider Service configuration that has been applied to the given cluster. This method has no affect on the desired state, it only removes applied Key Provider Service configuration from any Trusted Hosts within the given cluster. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty.- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if there are ongoing mutating operations.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
get_task
(cluster, address)¶ Returns detailed information about the health of the specified Key Provider Service configuration applied to the cluster with respect to the desired state. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.address (
com.vmware.vcenter.trusted_infrastructure_client.NetworkAddress
) – The network address of the Key Provider service instance.
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty.- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter or if no service corresponding to the given address is found.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if there are ongoing mutating operations.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
list_task
(cluster, spec=None)¶ Returns basic information about the health of all Key Provider Service configurations applied to the cluster with respect to the desired state. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.spec (
ServicesAppliedConfig.FilterSpec
orNone
) – The specification for the subset of results desired to be returned. If {\@term.unset} all results are returned.
- Return type
- class
vmware.vapi.stdlib.client.task.Task
- Returns
Task instance
- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty.- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if there are ongoing mutating operations.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
update_task
(cluster)¶ Update the applied Key Provider Service configuration on the given Trusted Cluster to be consistent with the desired state. This method has no affect on the desired state, apart from it being used as a reference point for the remediation. This method was added in vSphere API 7.0.1.0.
- Parameters
cluster (
str
) – The ID of the Trusted Cluster against which the operation will be executed. The parameter must be an identifier for the resource type:ClusterComputeResource
.- Raise
com.vmware.vapi.std.errors_client.Error
if there is a generic error.- Raise
com.vmware.vapi.std.errors_client.InvalidArgument
if the cluster ID is empty- Raise
com.vmware.vapi.std.errors_client.NotFound
if no cluster corresponding to the given ID is found within this vCenter.- Raise
com.vmware.vapi.std.errors_client.ResourceBusy
if there are ongoing mutating operations.- Raise
com.vmware.vapi.std.errors_client.Unauthenticated
if the caller is not authenticated.
-
class
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms_client.
StubFactory
(stub_config)¶ Bases:
vmware.vapi.bindings.stub.StubFactoryBase
Initialize StubFactoryBase
- Parameters
stub_config (
vmware.vapi.bindings.stub.StubConfiguration
) – Stub config instance