com.vmware.vcenter.confidential_computing package

Submodules

com.vmware.vcenter.confidential_computing.sgx_client module

The com.vmware.vcenter.confidential_computing.sgx_client module covers VC functionality to work with Intel CPUs Software Guard Extensions (SGX) on the hosts.

Software Guard Extensions (SGX) is a feature of recent Intel CPUs that allows users applications to create secure regions of memory-called enclaves-inside their address space. An enclave is opaque to all software running outside of the enclave, including the operating system and the hypervisor. In addition to this isolation functionality, Intel SGX also provides remote attestation capabilities, allowing external entities to verify that a specific SGX enclave is running on a host. An enclave’s attestation quote is rooted on an Intel-issued Platform Certification Key (PCK) certificate that binds the current platform’s SGX cryptographic identity to Intel, essentially certifying that it is a valid Intel SGX platform.

class com.vmware.vcenter.confidential_computing.sgx_client.Hosts(config)

Bases: VapiInterface

The Hosts classes provides methods to register Intel Software Guard Extensions (SGX) for the hosts. This class was added in vSphere API 8.0.0.1.

Parameters:

config (vmware.vapi.bindings.stub.StubConfiguration) – Configuration to be used for creating the stub.

class RegisterSpec(host_id=None)

Bases: VapiStruct

The Hosts.RegisterSpec class contains the data necessary to identify the host. This class was added in vSphere API 8.0.0.1.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters:

host_id (str) – The host’s identifier. This attribute was added in vSphere API 8.0.0.1. When clients pass a value of this class as a parameter, the attribute must be an identifier for the resource type: HostSystem. When methods return a value of this class as a return value, the attribute will be an identifier for the resource type: HostSystem.

register_task(spec)

Register host by stored SGX configuration. This method was added in vSphere API 8.0.0.1.

Parameters:

spec (Hosts.RegisterSpec) – Described the host that need to be registered.

Raise:

com.vmware.vapi.std.errors_client.Error for any other error.

Raise:

com.vmware.vapi.std.errors_client.NotFound if the host ID is not valid.

Raise:

com.vmware.vapi.std.errors_client.ResourceBusy if register for same host is already in progress.

Raise:

com.vmware.vapi.std.errors_client.Unauthenticated if the user can not be authenticated.

Raise:

com.vmware.vapi.std.errors_client.Unsupported if the system does not support SGX Registration.

class com.vmware.vcenter.confidential_computing.sgx_client.StubFactory(stub_config)

Bases: StubFactoryBase

Initialize StubFactoryBase

Parameters:

stub_config (vmware.vapi.bindings.stub.StubConfiguration) – Stub config instance