cribl-control-plane 0.0.13__py3-none-any.whl

cribl_control_plane/models/outputconfluentcloud.py

@@ -0,0 +1,591 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class OutputConfluentCloudType(str, Enum, metaclass=utils.OpenEnumMeta):
+    CONFLUENT_CLOUD = "confluent_cloud"
+
+
+class OutputConfluentCloudMinimumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class OutputConfluentCloudMaximumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class OutputConfluentCloudTLSSettingsClientSideTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+    servername: NotRequired[str]
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+    certificate_name: NotRequired[str]
+    r"""The name of the predefined certificate"""
+    ca_path: NotRequired[str]
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+    priv_key_path: NotRequired[str]
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+    cert_path: NotRequired[str]
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+    passphrase: NotRequired[str]
+    r"""Passphrase to use to decrypt private key"""
+    min_version: NotRequired[OutputConfluentCloudMinimumTLSVersion]
+    max_version: NotRequired[OutputConfluentCloudMaximumTLSVersion]
+
+
+class OutputConfluentCloudTLSSettingsClientSide(BaseModel):
+    disabled: Optional[bool] = False
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+
+    servername: Optional[str] = None
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+
+    certificate_name: Annotated[
+        Optional[str], pydantic.Field(alias="certificateName")
+    ] = None
+    r"""The name of the predefined certificate"""
+
+    ca_path: Annotated[Optional[str], pydantic.Field(alias="caPath")] = None
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+
+    priv_key_path: Annotated[Optional[str], pydantic.Field(alias="privKeyPath")] = None
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+
+    cert_path: Annotated[Optional[str], pydantic.Field(alias="certPath")] = None
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    passphrase: Optional[str] = None
+    r"""Passphrase to use to decrypt private key"""
+
+    min_version: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudMinimumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="minVersion"),
+    ] = None
+
+    max_version: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudMaximumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="maxVersion"),
+    ] = None
+
+
+class OutputConfluentCloudAcknowledgments(int, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Control the number of required acknowledgments."""
+
+    ONE = 1
+    ZERO = 0
+    MINUS_1 = -1
+
+
+class OutputConfluentCloudRecordDataFormat(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Format to use to serialize events before writing to Kafka."""
+
+    JSON = "json"
+    RAW = "raw"
+    PROTOBUF = "protobuf"
+
+
+class OutputConfluentCloudCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the data before sending to Kafka"""
+
+    NONE = "none"
+    GZIP = "gzip"
+    SNAPPY = "snappy"
+    LZ4 = "lz4"
+
+
+class OutputConfluentCloudAuthTypedDict(TypedDict):
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+
+    disabled: NotRequired[bool]
+    credentials_secret: NotRequired[str]
+    r"""Select or create a secret that references your credentials"""
+
+
+class OutputConfluentCloudAuth(BaseModel):
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+
+    disabled: Optional[bool] = True
+
+    credentials_secret: Annotated[
+        Optional[str], pydantic.Field(alias="credentialsSecret")
+    ] = None
+    r"""Select or create a secret that references your credentials"""
+
+
+class OutputConfluentCloudKafkaSchemaRegistryMinimumTLSVersion(
+    str, Enum, metaclass=utils.OpenEnumMeta
+):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class OutputConfluentCloudKafkaSchemaRegistryMaximumTLSVersion(
+    str, Enum, metaclass=utils.OpenEnumMeta
+):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class OutputConfluentCloudKafkaSchemaRegistryTLSSettingsClientSideTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+    servername: NotRequired[str]
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+    certificate_name: NotRequired[str]
+    r"""The name of the predefined certificate"""
+    ca_path: NotRequired[str]
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+    priv_key_path: NotRequired[str]
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+    cert_path: NotRequired[str]
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+    passphrase: NotRequired[str]
+    r"""Passphrase to use to decrypt private key"""
+    min_version: NotRequired[OutputConfluentCloudKafkaSchemaRegistryMinimumTLSVersion]
+    max_version: NotRequired[OutputConfluentCloudKafkaSchemaRegistryMaximumTLSVersion]
+
+
+class OutputConfluentCloudKafkaSchemaRegistryTLSSettingsClientSide(BaseModel):
+    disabled: Optional[bool] = True
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+
+    servername: Optional[str] = None
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+
+    certificate_name: Annotated[
+        Optional[str], pydantic.Field(alias="certificateName")
+    ] = None
+    r"""The name of the predefined certificate"""
+
+    ca_path: Annotated[Optional[str], pydantic.Field(alias="caPath")] = None
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+
+    priv_key_path: Annotated[Optional[str], pydantic.Field(alias="privKeyPath")] = None
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+
+    cert_path: Annotated[Optional[str], pydantic.Field(alias="certPath")] = None
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    passphrase: Optional[str] = None
+    r"""Passphrase to use to decrypt private key"""
+
+    min_version: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudKafkaSchemaRegistryMinimumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="minVersion"),
+    ] = None
+
+    max_version: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudKafkaSchemaRegistryMaximumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="maxVersion"),
+    ] = None
+
+
+class OutputConfluentCloudKafkaSchemaRegistryAuthenticationTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    schema_registry_url: NotRequired[str]
+    r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
+    connection_timeout: NotRequired[float]
+    r"""Maximum time to wait for a Schema Registry connection to complete successfully"""
+    request_timeout: NotRequired[float]
+    r"""Maximum time to wait for the Schema Registry to respond to a request"""
+    max_retries: NotRequired[float]
+    r"""Maximum number of times to try fetching schemas from the Schema Registry"""
+    auth: NotRequired[OutputConfluentCloudAuthTypedDict]
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+    tls: NotRequired[
+        OutputConfluentCloudKafkaSchemaRegistryTLSSettingsClientSideTypedDict
+    ]
+    default_key_schema_id: NotRequired[float]
+    r"""Used when __keySchemaIdOut is not present, to transform key values, leave blank if key transformation is not required by default."""
+    default_value_schema_id: NotRequired[float]
+    r"""Used when __valueSchemaIdOut is not present, to transform _raw, leave blank if value transformation is not required by default."""
+
+
+class OutputConfluentCloudKafkaSchemaRegistryAuthentication(BaseModel):
+    disabled: Optional[bool] = True
+
+    schema_registry_url: Annotated[
+        Optional[str], pydantic.Field(alias="schemaRegistryURL")
+    ] = "http://localhost:8081"
+    r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
+
+    connection_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="connectionTimeout")
+    ] = 30000
+    r"""Maximum time to wait for a Schema Registry connection to complete successfully"""
+
+    request_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="requestTimeout")
+    ] = 30000
+    r"""Maximum time to wait for the Schema Registry to respond to a request"""
+
+    max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = 1
+    r"""Maximum number of times to try fetching schemas from the Schema Registry"""
+
+    auth: Optional[OutputConfluentCloudAuth] = None
+    r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
+
+    tls: Optional[OutputConfluentCloudKafkaSchemaRegistryTLSSettingsClientSide] = None
+
+    default_key_schema_id: Annotated[
+        Optional[float], pydantic.Field(alias="defaultKeySchemaId")
+    ] = None
+    r"""Used when __keySchemaIdOut is not present, to transform key values, leave blank if key transformation is not required by default."""
+
+    default_value_schema_id: Annotated[
+        Optional[float], pydantic.Field(alias="defaultValueSchemaId")
+    ] = None
+    r"""Used when __valueSchemaIdOut is not present, to transform _raw, leave blank if value transformation is not required by default."""
+
+
+class OutputConfluentCloudSASLMechanism(str, Enum, metaclass=utils.OpenEnumMeta):
+    PLAIN = "plain"
+    SCRAM_SHA_256 = "scram-sha-256"
+    SCRAM_SHA_512 = "scram-sha-512"
+    KERBEROS = "kerberos"
+
+
+class OutputConfluentCloudAuthenticationTypedDict(TypedDict):
+    r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended."""
+
+    disabled: NotRequired[bool]
+    mechanism: NotRequired[OutputConfluentCloudSASLMechanism]
+
+
+class OutputConfluentCloudAuthentication(BaseModel):
+    r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended."""
+
+    disabled: Optional[bool] = True
+
+    mechanism: Annotated[
+        Optional[OutputConfluentCloudSASLMechanism],
+        PlainValidator(validate_open_enum(False)),
+    ] = OutputConfluentCloudSASLMechanism.PLAIN
+
+
+class OutputConfluentCloudBackpressureBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    BLOCK = "block"
+    DROP = "drop"
+    QUEUE = "queue"
+
+
+class OutputConfluentCloudPqCompressCompression(
+    str, Enum, metaclass=utils.OpenEnumMeta
+):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class OutputConfluentCloudQueueFullBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    BLOCK = "block"
+    DROP = "drop"
+
+
+class OutputConfluentCloudMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    ERROR = "error"
+    BACKPRESSURE = "backpressure"
+    ALWAYS = "always"
+
+
+class OutputConfluentCloudPqControlsTypedDict(TypedDict):
+    pass
+
+
+class OutputConfluentCloudPqControls(BaseModel):
+    pass
+
+
+class OutputConfluentCloudTypedDict(TypedDict):
+    brokers: List[str]
+    r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092."""
+    topic: str
+    r"""The topic to publish events to. Can be overridden using the __topicOut field."""
+    id: NotRequired[str]
+    r"""Unique ID for this output"""
+    type: NotRequired[OutputConfluentCloudType]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data before sending out to this output"""
+    system_fields: NotRequired[List[str]]
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    tls: NotRequired[OutputConfluentCloudTLSSettingsClientSideTypedDict]
+    ack: NotRequired[OutputConfluentCloudAcknowledgments]
+    r"""Control the number of required acknowledgments."""
+    format_: NotRequired[OutputConfluentCloudRecordDataFormat]
+    r"""Format to use to serialize events before writing to Kafka."""
+    compression: NotRequired[OutputConfluentCloudCompression]
+    r"""Codec to use to compress the data before sending to Kafka"""
+    max_record_size_kb: NotRequired[float]
+    r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting."""
+    flush_event_count: NotRequired[float]
+    r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush"""
+    flush_period_sec: NotRequired[float]
+    r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent."""
+    kafka_schema_registry: NotRequired[
+        OutputConfluentCloudKafkaSchemaRegistryAuthenticationTypedDict
+    ]
+    connection_timeout: NotRequired[float]
+    r"""Maximum time to wait for a connection to complete successfully"""
+    request_timeout: NotRequired[float]
+    r"""Maximum time to wait for Kafka to respond to a request"""
+    max_retries: NotRequired[float]
+    r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data"""
+    max_back_off: NotRequired[float]
+    r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds)."""
+    initial_backoff: NotRequired[float]
+    r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes)."""
+    backoff_rate: NotRequired[float]
+    r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details."""
+    authentication_timeout: NotRequired[float]
+    r"""Maximum time to wait for Kafka to respond to an authentication request"""
+    reauthentication_threshold: NotRequired[float]
+    r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire."""
+    sasl: NotRequired[OutputConfluentCloudAuthenticationTypedDict]
+    r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended."""
+    on_backpressure: NotRequired[OutputConfluentCloudBackpressureBehavior]
+    r"""How to handle events when all receivers are exerting backpressure"""
+    description: NotRequired[str]
+    protobuf_library_id: NotRequired[str]
+    r"""Select a set of Protobuf definitions for the events you want to send"""
+    pq_max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+    pq_max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    pq_path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+    pq_compress: NotRequired[OutputConfluentCloudPqCompressCompression]
+    r"""Codec to use to compress the persisted data"""
+    pq_on_backpressure: NotRequired[OutputConfluentCloudQueueFullBehavior]
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+    pq_mode: NotRequired[OutputConfluentCloudMode]
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+    pq_controls: NotRequired[OutputConfluentCloudPqControlsTypedDict]
+
+
+class OutputConfluentCloud(BaseModel):
+    brokers: List[str]
+    r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092."""
+
+    topic: str
+    r"""The topic to publish events to. Can be overridden using the __topicOut field."""
+
+    id: Optional[str] = None
+    r"""Unique ID for this output"""
+
+    type: Annotated[
+        Optional[OutputConfluentCloudType], PlainValidator(validate_open_enum(False))
+    ] = None
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data before sending out to this output"""
+
+    system_fields: Annotated[
+        Optional[List[str]], pydantic.Field(alias="systemFields")
+    ] = None
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    tls: Optional[OutputConfluentCloudTLSSettingsClientSide] = None
+
+    ack: Annotated[
+        Optional[OutputConfluentCloudAcknowledgments],
+        PlainValidator(validate_open_enum(True)),
+    ] = OutputConfluentCloudAcknowledgments.ONE
+    r"""Control the number of required acknowledgments."""
+
+    format_: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudRecordDataFormat],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="format"),
+    ] = OutputConfluentCloudRecordDataFormat.JSON
+    r"""Format to use to serialize events before writing to Kafka."""
+
+    compression: Annotated[
+        Optional[OutputConfluentCloudCompression],
+        PlainValidator(validate_open_enum(False)),
+    ] = OutputConfluentCloudCompression.GZIP
+    r"""Codec to use to compress the data before sending to Kafka"""
+
+    max_record_size_kb: Annotated[
+        Optional[float], pydantic.Field(alias="maxRecordSizeKB")
+    ] = 768
+    r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting."""
+
+    flush_event_count: Annotated[
+        Optional[float], pydantic.Field(alias="flushEventCount")
+    ] = 1000
+    r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush"""
+
+    flush_period_sec: Annotated[
+        Optional[float], pydantic.Field(alias="flushPeriodSec")
+    ] = 1
+    r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent."""
+
+    kafka_schema_registry: Annotated[
+        Optional[OutputConfluentCloudKafkaSchemaRegistryAuthentication],
+        pydantic.Field(alias="kafkaSchemaRegistry"),
+    ] = None
+
+    connection_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="connectionTimeout")
+    ] = 10000
+    r"""Maximum time to wait for a connection to complete successfully"""
+
+    request_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="requestTimeout")
+    ] = 60000
+    r"""Maximum time to wait for Kafka to respond to a request"""
+
+    max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = 5
+    r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data"""
+
+    max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = 30000
+    r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds)."""
+
+    initial_backoff: Annotated[
+        Optional[float], pydantic.Field(alias="initialBackoff")
+    ] = 300
+    r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes)."""
+
+    backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = 2
+    r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details."""
+
+    authentication_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="authenticationTimeout")
+    ] = 10000
+    r"""Maximum time to wait for Kafka to respond to an authentication request"""
+
+    reauthentication_threshold: Annotated[
+        Optional[float], pydantic.Field(alias="reauthenticationThreshold")
+    ] = 10000
+    r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire."""
+
+    sasl: Optional[OutputConfluentCloudAuthentication] = None
+    r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended."""
+
+    on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudBackpressureBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="onBackpressure"),
+    ] = OutputConfluentCloudBackpressureBehavior.BLOCK
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    description: Optional[str] = None
+
+    protobuf_library_id: Annotated[
+        Optional[str], pydantic.Field(alias="protobufLibraryId")
+    ] = None
+    r"""Select a set of Protobuf definitions for the events you want to send"""
+
+    pq_max_file_size: Annotated[
+        Optional[str], pydantic.Field(alias="pqMaxFileSize")
+    ] = "1 MB"
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+
+    pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = (
+        "$CRIBL_HOME/state/queues"
+    )
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+
+    pq_compress: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudPqCompressCompression],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqCompress"),
+    ] = OutputConfluentCloudPqCompressCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+    pq_on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudQueueFullBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqOnBackpressure"),
+    ] = OutputConfluentCloudQueueFullBehavior.BLOCK
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    pq_mode: Annotated[
+        Annotated[
+            Optional[OutputConfluentCloudMode],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqMode"),
+    ] = OutputConfluentCloudMode.ERROR
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    pq_controls: Annotated[
+        Optional[OutputConfluentCloudPqControls], pydantic.Field(alias="pqControls")
+    ] = None