cribl-control-plane 0.0.13__py3-none-any.whl

cribl_control_plane/models/inputmsk.py

@@ -0,0 +1,654 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class InputMskType(str, Enum, metaclass=utils.OpenEnumMeta):
+    MSK = "msk"
+
+
+class InputMskConnectionTypedDict(TypedDict):
+    output: str
+    pipeline: NotRequired[str]
+
+
+class InputMskConnection(BaseModel):
+    output: str
+
+    pipeline: Optional[str] = None
+
+
+class InputMskMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    SMART = "smart"
+    ALWAYS = "always"
+
+
+class InputMskCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class InputMskPqTypedDict(TypedDict):
+    mode: NotRequired[InputMskMode]
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+    max_buffer_size: NotRequired[float]
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+    commit_frequency: NotRequired[float]
+    r"""The number of events to send downstream before committing that Stream has read them"""
+    max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+    max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+    compress: NotRequired[InputMskCompression]
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputMskPq(BaseModel):
+    mode: Annotated[
+        Optional[InputMskMode], PlainValidator(validate_open_enum(False))
+    ] = InputMskMode.ALWAYS
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    max_buffer_size: Annotated[
+        Optional[float], pydantic.Field(alias="maxBufferSize")
+    ] = 1000
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+
+    commit_frequency: Annotated[
+        Optional[float], pydantic.Field(alias="commitFrequency")
+    ] = 42
+    r"""The number of events to send downstream before committing that Stream has read them"""
+
+    max_file_size: Annotated[Optional[str], pydantic.Field(alias="maxFileSize")] = (
+        "1 MB"
+    )
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+
+    max_size: Annotated[Optional[str], pydantic.Field(alias="maxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    path: Optional[str] = "$CRIBL_HOME/state/queues"
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+
+    compress: Annotated[
+        Optional[InputMskCompression], PlainValidator(validate_open_enum(False))
+    ] = InputMskCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputMskMetadatumTypedDict(TypedDict):
+    name: str
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputMskMetadatum(BaseModel):
+    name: str
+
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputMskAuthTypedDict(TypedDict):
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+
+    disabled: NotRequired[bool]
+    credentials_secret: NotRequired[str]
+    r"""Select or create a secret that references your credentials"""
+
+
+class InputMskAuth(BaseModel):
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+
+    disabled: Optional[bool] = True
+
+    credentials_secret: Annotated[
+        Optional[str], pydantic.Field(alias="credentialsSecret")
+    ] = None
+    r"""Select or create a secret that references your credentials"""
+
+
+class InputMskKafkaSchemaRegistryMinimumTLSVersion(
+    str, Enum, metaclass=utils.OpenEnumMeta
+):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputMskKafkaSchemaRegistryMaximumTLSVersion(
+    str, Enum, metaclass=utils.OpenEnumMeta
+):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputMskKafkaSchemaRegistryTLSSettingsClientSideTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+    servername: NotRequired[str]
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+    certificate_name: NotRequired[str]
+    r"""The name of the predefined certificate"""
+    ca_path: NotRequired[str]
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+    priv_key_path: NotRequired[str]
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+    cert_path: NotRequired[str]
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+    passphrase: NotRequired[str]
+    r"""Passphrase to use to decrypt private key"""
+    min_version: NotRequired[InputMskKafkaSchemaRegistryMinimumTLSVersion]
+    max_version: NotRequired[InputMskKafkaSchemaRegistryMaximumTLSVersion]
+
+
+class InputMskKafkaSchemaRegistryTLSSettingsClientSide(BaseModel):
+    disabled: Optional[bool] = True
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+
+    servername: Optional[str] = None
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+
+    certificate_name: Annotated[
+        Optional[str], pydantic.Field(alias="certificateName")
+    ] = None
+    r"""The name of the predefined certificate"""
+
+    ca_path: Annotated[Optional[str], pydantic.Field(alias="caPath")] = None
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+
+    priv_key_path: Annotated[Optional[str], pydantic.Field(alias="privKeyPath")] = None
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+
+    cert_path: Annotated[Optional[str], pydantic.Field(alias="certPath")] = None
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    passphrase: Optional[str] = None
+    r"""Passphrase to use to decrypt private key"""
+
+    min_version: Annotated[
+        Annotated[
+            Optional[InputMskKafkaSchemaRegistryMinimumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="minVersion"),
+    ] = None
+
+    max_version: Annotated[
+        Annotated[
+            Optional[InputMskKafkaSchemaRegistryMaximumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="maxVersion"),
+    ] = None
+
+
+class InputMskKafkaSchemaRegistryAuthenticationTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    schema_registry_url: NotRequired[str]
+    r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
+    connection_timeout: NotRequired[float]
+    r"""Maximum time to wait for a Schema Registry connection to complete successfully"""
+    request_timeout: NotRequired[float]
+    r"""Maximum time to wait for the Schema Registry to respond to a request"""
+    max_retries: NotRequired[float]
+    r"""Maximum number of times to try fetching schemas from the Schema Registry"""
+    auth: NotRequired[InputMskAuthTypedDict]
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+    tls: NotRequired[InputMskKafkaSchemaRegistryTLSSettingsClientSideTypedDict]
+
+
+class InputMskKafkaSchemaRegistryAuthentication(BaseModel):
+    disabled: Optional[bool] = True
+
+    schema_registry_url: Annotated[
+        Optional[str], pydantic.Field(alias="schemaRegistryURL")
+    ] = "http://localhost:8081"
+    r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
+
+    connection_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="connectionTimeout")
+    ] = 30000
+    r"""Maximum time to wait for a Schema Registry connection to complete successfully"""
+
+    request_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="requestTimeout")
+    ] = 30000
+    r"""Maximum time to wait for the Schema Registry to respond to a request"""
+
+    max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = 1
+    r"""Maximum number of times to try fetching schemas from the Schema Registry"""
+
+    auth: Optional[InputMskAuth] = None
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+
+    tls: Optional[InputMskKafkaSchemaRegistryTLSSettingsClientSide] = None
+
+
+class InputMskAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""AWS authentication method. Choose Auto to use IAM roles."""
+
+    AUTO = "auto"
+    MANUAL = "manual"
+    SECRET = "secret"
+
+
+class InputMskSignatureVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Signature version to use for signing MSK cluster requests"""
+
+    V2 = "v2"
+    V4 = "v4"
+
+
+class InputMskMinimumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputMskMaximumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputMskTLSSettingsClientSideTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+    servername: NotRequired[str]
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+    certificate_name: NotRequired[str]
+    r"""The name of the predefined certificate"""
+    ca_path: NotRequired[str]
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+    priv_key_path: NotRequired[str]
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+    cert_path: NotRequired[str]
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+    passphrase: NotRequired[str]
+    r"""Passphrase to use to decrypt private key"""
+    min_version: NotRequired[InputMskMinimumTLSVersion]
+    max_version: NotRequired[InputMskMaximumTLSVersion]
+
+
+class InputMskTLSSettingsClientSide(BaseModel):
+    disabled: Optional[bool] = False
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+
+    servername: Optional[str] = None
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+
+    certificate_name: Annotated[
+        Optional[str], pydantic.Field(alias="certificateName")
+    ] = None
+    r"""The name of the predefined certificate"""
+
+    ca_path: Annotated[Optional[str], pydantic.Field(alias="caPath")] = None
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+
+    priv_key_path: Annotated[Optional[str], pydantic.Field(alias="privKeyPath")] = None
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+
+    cert_path: Annotated[Optional[str], pydantic.Field(alias="certPath")] = None
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    passphrase: Optional[str] = None
+    r"""Passphrase to use to decrypt private key"""
+
+    min_version: Annotated[
+        Annotated[
+            Optional[InputMskMinimumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="minVersion"),
+    ] = None
+
+    max_version: Annotated[
+        Annotated[
+            Optional[InputMskMaximumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="maxVersion"),
+    ] = None
+
+
+class InputMskTypedDict(TypedDict):
+    type: InputMskType
+    brokers: List[str]
+    r"""Enter each Kafka bootstrap server you want to use. Specify the hostname and port (such as mykafkabroker:9092) or just the hostname (in which case @{product} will assign port 9092)."""
+    topics: List[str]
+    r"""Topic to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Kafka Source to a single topic only."""
+    region: str
+    r"""Region where the MSK cluster is located"""
+    id: NotRequired[str]
+    r"""Unique ID for this input"""
+    disabled: NotRequired[bool]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+    send_to_routes: NotRequired[bool]
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    pq_enabled: NotRequired[bool]
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    connections: NotRequired[List[InputMskConnectionTypedDict]]
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+    pq: NotRequired[InputMskPqTypedDict]
+    group_id: NotRequired[str]
+    r"""The consumer group to which this instance belongs. Defaults to 'Cribl'."""
+    from_beginning: NotRequired[bool]
+    r"""Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message"""
+    session_timeout: NotRequired[float]
+    r"""Timeout used to detect client failures when using Kafka's group-management facilities.
+    If the client sends no heartbeats to the broker before the timeout expires,
+    the broker will remove the client from the group and initiate a rebalance.
+    Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
+    See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details.
+    """
+    rebalance_timeout: NotRequired[float]
+    r"""Maximum allowed time for each worker to join the group after a rebalance begins.
+    If the timeout is exceeded, the coordinator broker will remove the worker from the group.
+    See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details.
+    """
+    heartbeat_interval: NotRequired[float]
+    r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
+    Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
+    See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details.
+    """
+    metadata: NotRequired[List[InputMskMetadatumTypedDict]]
+    r"""Fields to add to events from this input"""
+    kafka_schema_registry: NotRequired[
+        InputMskKafkaSchemaRegistryAuthenticationTypedDict
+    ]
+    connection_timeout: NotRequired[float]
+    r"""Maximum time to wait for a connection to complete successfully"""
+    request_timeout: NotRequired[float]
+    r"""Maximum time to wait for Kafka to respond to a request"""
+    max_retries: NotRequired[float]
+    r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data"""
+    max_back_off: NotRequired[float]
+    r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds)."""
+    initial_backoff: NotRequired[float]
+    r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes)."""
+    backoff_rate: NotRequired[float]
+    r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details."""
+    authentication_timeout: NotRequired[float]
+    r"""Maximum time to wait for Kafka to respond to an authentication request"""
+    reauthentication_threshold: NotRequired[float]
+    r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire."""
+    aws_authentication_method: NotRequired[InputMskAuthenticationMethod]
+    r"""AWS authentication method. Choose Auto to use IAM roles."""
+    aws_secret_key: NotRequired[str]
+    endpoint: NotRequired[str]
+    r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint."""
+    signature_version: NotRequired[InputMskSignatureVersion]
+    r"""Signature version to use for signing MSK cluster requests"""
+    reuse_connections: NotRequired[bool]
+    r"""Reuse connections between requests, which can improve performance"""
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates"""
+    enable_assume_role: NotRequired[bool]
+    r"""Use Assume Role credentials to access MSK"""
+    assume_role_arn: NotRequired[str]
+    r"""Amazon Resource Name (ARN) of the role to assume"""
+    assume_role_external_id: NotRequired[str]
+    r"""External ID to use when assuming role"""
+    duration_seconds: NotRequired[float]
+    r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours)."""
+    tls: NotRequired[InputMskTLSSettingsClientSideTypedDict]
+    auto_commit_interval: NotRequired[float]
+    r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch."""
+    auto_commit_threshold: NotRequired[float]
+    r"""How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch."""
+    max_bytes_per_partition: NotRequired[float]
+    r"""Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB)."""
+    max_bytes: NotRequired[float]
+    r"""Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB)."""
+    max_socket_errors: NotRequired[float]
+    r"""Maximum number of network errors before the consumer re-creates a socket"""
+    description: NotRequired[str]
+    aws_api_key: NotRequired[str]
+    aws_secret: NotRequired[str]
+    r"""Select or create a stored secret that references your access key and secret key"""
+
+
+class InputMsk(BaseModel):
+    type: Annotated[InputMskType, PlainValidator(validate_open_enum(False))]
+
+    brokers: List[str]
+    r"""Enter each Kafka bootstrap server you want to use. Specify the hostname and port (such as mykafkabroker:9092) or just the hostname (in which case @{product} will assign port 9092)."""
+
+    topics: List[str]
+    r"""Topic to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Kafka Source to a single topic only."""
+
+    region: str
+    r"""Region where the MSK cluster is located"""
+
+    id: Optional[str] = None
+    r"""Unique ID for this input"""
+
+    disabled: Optional[bool] = False
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+
+    send_to_routes: Annotated[Optional[bool], pydantic.Field(alias="sendToRoutes")] = (
+        True
+    )
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    pq_enabled: Annotated[Optional[bool], pydantic.Field(alias="pqEnabled")] = False
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    connections: Optional[List[InputMskConnection]] = None
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+
+    pq: Optional[InputMskPq] = None
+
+    group_id: Annotated[Optional[str], pydantic.Field(alias="groupId")] = "Cribl"
+    r"""The consumer group to which this instance belongs. Defaults to 'Cribl'."""
+
+    from_beginning: Annotated[Optional[bool], pydantic.Field(alias="fromBeginning")] = (
+        True
+    )
+    r"""Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message"""
+
+    session_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="sessionTimeout")
+    ] = 30000
+    r"""Timeout used to detect client failures when using Kafka's group-management facilities.
+    If the client sends no heartbeats to the broker before the timeout expires,
+    the broker will remove the client from the group and initiate a rebalance.
+    Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
+    See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details.
+    """
+
+    rebalance_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="rebalanceTimeout")
+    ] = 60000
+    r"""Maximum allowed time for each worker to join the group after a rebalance begins.
+    If the timeout is exceeded, the coordinator broker will remove the worker from the group.
+    See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details.
+    """
+
+    heartbeat_interval: Annotated[
+        Optional[float], pydantic.Field(alias="heartbeatInterval")
+    ] = 3000
+    r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
+    Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
+    See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details.
+    """
+
+    metadata: Optional[List[InputMskMetadatum]] = None
+    r"""Fields to add to events from this input"""
+
+    kafka_schema_registry: Annotated[
+        Optional[InputMskKafkaSchemaRegistryAuthentication],
+        pydantic.Field(alias="kafkaSchemaRegistry"),
+    ] = None
+
+    connection_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="connectionTimeout")
+    ] = 10000
+    r"""Maximum time to wait for a connection to complete successfully"""
+
+    request_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="requestTimeout")
+    ] = 60000
+    r"""Maximum time to wait for Kafka to respond to a request"""
+
+    max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = 5
+    r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data"""
+
+    max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = 30000
+    r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds)."""
+
+    initial_backoff: Annotated[
+        Optional[float], pydantic.Field(alias="initialBackoff")
+    ] = 300
+    r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes)."""
+
+    backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = 2
+    r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details."""
+
+    authentication_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="authenticationTimeout")
+    ] = 10000
+    r"""Maximum time to wait for Kafka to respond to an authentication request"""
+
+    reauthentication_threshold: Annotated[
+        Optional[float], pydantic.Field(alias="reauthenticationThreshold")
+    ] = 10000
+    r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire."""
+
+    aws_authentication_method: Annotated[
+        Annotated[
+            Optional[InputMskAuthenticationMethod],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="awsAuthenticationMethod"),
+    ] = InputMskAuthenticationMethod.AUTO
+    r"""AWS authentication method. Choose Auto to use IAM roles."""
+
+    aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = (
+        None
+    )
+
+    endpoint: Optional[str] = None
+    r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint."""
+
+    signature_version: Annotated[
+        Annotated[
+            Optional[InputMskSignatureVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="signatureVersion"),
+    ] = InputMskSignatureVersion.V4
+    r"""Signature version to use for signing MSK cluster requests"""
+
+    reuse_connections: Annotated[
+        Optional[bool], pydantic.Field(alias="reuseConnections")
+    ] = True
+    r"""Reuse connections between requests, which can improve performance"""
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates"""
+
+    enable_assume_role: Annotated[
+        Optional[bool], pydantic.Field(alias="enableAssumeRole")
+    ] = False
+    r"""Use Assume Role credentials to access MSK"""
+
+    assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = (
+        None
+    )
+    r"""Amazon Resource Name (ARN) of the role to assume"""
+
+    assume_role_external_id: Annotated[
+        Optional[str], pydantic.Field(alias="assumeRoleExternalId")
+    ] = None
+    r"""External ID to use when assuming role"""
+
+    duration_seconds: Annotated[
+        Optional[float], pydantic.Field(alias="durationSeconds")
+    ] = 3600
+    r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours)."""
+
+    tls: Optional[InputMskTLSSettingsClientSide] = None
+
+    auto_commit_interval: Annotated[
+        Optional[float], pydantic.Field(alias="autoCommitInterval")
+    ] = None
+    r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch."""
+
+    auto_commit_threshold: Annotated[
+        Optional[float], pydantic.Field(alias="autoCommitThreshold")
+    ] = None
+    r"""How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch."""
+
+    max_bytes_per_partition: Annotated[
+        Optional[float], pydantic.Field(alias="maxBytesPerPartition")
+    ] = 1048576
+    r"""Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB)."""
+
+    max_bytes: Annotated[Optional[float], pydantic.Field(alias="maxBytes")] = 10485760
+    r"""Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB)."""
+
+    max_socket_errors: Annotated[
+        Optional[float], pydantic.Field(alias="maxSocketErrors")
+    ] = 0
+    r"""Maximum number of network errors before the consumer re-creates a socket"""
+
+    description: Optional[str] = None
+
+    aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None
+
+    aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None
+    r"""Select or create a stored secret that references your access key and secret key"""