com.vmware.appliance.tls package

Submodules

com.vmware.appliance.tls.manual_parameters_client module

The com.vmware.appliance.tls.manual_parameters_client module provides classes for managing the manual/custom TLS parameters as an alternative for using VMware-provided standard TLS Profiles.

class com.vmware.appliance.tls.manual_parameters_client.Global(config)

Bases: VapiInterface

Global class provides methods APIs to configure manual/custom TLS parameters. This class was added in vSphere API 8.0.3.0.

Parameters:

config (vmware.vapi.bindings.stub.StubConfiguration) – Configuration to be used for creating the stub.

class Info(manual_active=None, spec=None)

Bases: VapiStruct

The Global.Info class contains the information about a profile and its TLS configuration. This class was added in vSphere API 8.0.3.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters:

  • manual_active (bool) – Indicates if the current manual TLS parameters are activated for the appliance or standard TLS Profile is used instead of them. This attribute was added in vSphere API 8.0.3.0.

  • spec (Global.SetSpec) – Contains information about the configuration. This attribute was added in vSphere API 8.0.3.0.

class ProtocolVersionInfo(version=None, ciphers=None)

Bases: VapiStruct

The Global.ProtocolVersionInfo class contains the information about the TLS protocol version and its ciphers. This class was added in vSphere API 8.0.3.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters:

  • version (str) – Defines the TLS protocol version. This attribute was added in vSphere API 8.0.3.0.

  • ciphers (list of str) – Defines the TLS protocol ciphers in IANA form. This attribute was added in vSphere API 8.0.3.0.

class SetSpec(protocol_versions=None, curves=None, fips_enforced=None)

Bases: VapiStruct

The Global.SetSpec class contains the information about the TLS Profile. This class was added in vSphere API 8.0.3.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters:

  • protocol_versions (list of Global.ProtocolVersionInfo) – Defines the list of TLS protocol version and their ciphers. This attribute was added in vSphere API 8.0.3.0.

  • curves (list of str) – Defines the TLS Profile curves in IANA form. This attribute was added in vSphere API 8.0.3.0.

  • fips_enforced (bool) – Indicates if FIPS 140-3 compliance is enforced for the TLS Profile. If FIPS is not enforced, some TLS features that have not been yet FIPS validated can be enabled by some crypto modules. If FIPS is enforced, non FIPS validated TLS features wont be in effect. This attribute was added in vSphere API 8.0.3.0.

get()

Gets the current custom/manual global TLS parameters configured in the appliance. This method was added in vSphere API 8.0.3.0.

Return type:

Global.Info

Returns:

The current protocol version, ciphers, and other TLS parameters.

Raise:

com.vmware.vapi.std.errors_client.Error if there is some unknown internal error. The accompanying error message will give more details about the failure.

Raise:

com.vmware.vapi.std.errors_client.Unauthenticated if the session is not authenticated

Raise:

com.vmware.vapi.std.errors_client.Unauthorized if the user is not authorized. User needs to have operator privileges.

class com.vmware.appliance.tls.manual_parameters_client.StubFactory(stub_config)

Bases: StubFactoryBase

Initialize StubFactoryBase

Parameters:

stub_config (vmware.vapi.bindings.stub.StubConfiguration) – Stub config instance

com.vmware.appliance.tls.profiles_client module

class com.vmware.appliance.tls.profiles_client.Global(config)

Bases: VapiInterface

Global class provides methods APIs to configure standard TLS profile.

This is a profile based management for TLS usage on vCenter and the interface is for managing standard/built-in profiles globally in the appliance.. This class was added in vSphere API 8.0.3.0.

Parameters:

config (vmware.vapi.bindings.stub.StubConfiguration) – Configuration to be used for creating the stub.

class Info(profile=None)

Bases: VapiStruct

The Global.Info class contains the information about the profile name. This class was added in vSphere API 8.0.3.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters:

profile (str) – Defines the standard profile name. This attribute was added in vSphere API 8.0.3.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type: com.vmware.appliance.tls.profiles. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type: com.vmware.appliance.tls.profiles.

class SetSpec(profile=None)

Bases: VapiStruct

The Global.SetSpec class contains the information about the profile name. This class was added in vSphere API 8.0.3.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters:

profile (str) – Defines the standard profile name. This attribute was added in vSphere API 8.0.3.0. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type: com.vmware.appliance.tls.profiles. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type: com.vmware.appliance.tls.profiles.

get()

Gets the name of the current TLS Profile configured globally. This method was added in vSphere API 8.0.3.0.

Return type:

Global.Info

Returns:

the name of the current global TLS Profile.

Raise:

com.vmware.vapi.std.errors_client.Error if there is some unknown internal error. The accompanying error message will give more details about the failure.

Raise:

com.vmware.vapi.std.errors_client.Unauthenticated if the session is not authenticated

Raise:

com.vmware.vapi.std.errors_client.Unauthorized if the user is not authorized. User needs to have operator privileges.

set_task(spec)

Sets any one of the standard profiles globally in the appliance. The result of this operation can be queried by calling the cis/tasks/{task-id} with the task-id in the response of this call. In case of a VCHA enabled cluster, setting a profile expects the VCHA cluster to be healthy and in maintenance or disabled mode before proceeding with the operation. This method was added in vSphere API 8.0.3.0.

Parameters:

spec (Global.SetSpec) – Defines the name of the standard profile to be configured.

Raise:

com.vmware.vapi.std.errors_client.Error if there is some unknown internal error. appropriate error in case of VCHA enabled cluster if VCHA is not healthy or if it is in enabled state. The accompanying error message will give more details about the failure.

Raise:

com.vmware.vapi.std.errors_client.Unauthenticated if the session is not authenticated.

Raise:

com.vmware.vapi.std.errors_client.Unauthorized if the user is not authorized. User needs to have superAdministrator privileges to perform this operation.

class com.vmware.appliance.tls.profiles_client.StubFactory(stub_config)

Bases: StubFactoryBase

Initialize StubFactoryBase

Parameters:

stub_config (vmware.vapi.bindings.stub.StubConfiguration) – Stub config instance