strongdm 15.1.0__zip → 15.4.0__zip

{strongdm-15.1.0 → strongdm-15.4.0}/strongdm/models.py

@@ -592,6 +592,9 @@ class AKSServiceAccount:
 
 
 class AKSServiceAccountUserImpersonation:
+    '''
+    AKSServiceAccountUserImpersonation is deprecated, see docs for more info.
+    '''
     __slots__ = [
         'bind_interface',
         'egress_filter',
@@ -740,6 +743,9 @@ class AKSServiceAccountUserImpersonation:
 
 
 class AKSUserImpersonation:
+    '''
+    AKSUserImpersonation is deprecated, see docs for more info.
+    '''
     __slots__ = [
         'bind_interface',
         'certificate_authority',
@@ -905,6 +911,167 @@ class AKSUserImpersonation:
         )
 
 
+class AMQP:
+    '''
+    AMQP is currently unstable, and its API may change, or it may be removed,
+    without a major version bump.
+    '''
+    __slots__ = [
+        'bind_interface',
+        'egress_filter',
+        'healthy',
+        'hostname',
+        'id',
+        'name',
+        'password',
+        'port',
+        'port_override',
+        'proxy_cluster_id',
+        'secret_store_id',
+        'subdomain',
+        'tags',
+        'tls_required',
+        'username',
+    ]
+
+    def __init__(
+        self,
+        bind_interface=None,
+        egress_filter=None,
+        healthy=None,
+        hostname=None,
+        id=None,
+        name=None,
+        password=None,
+        port=None,
+        port_override=None,
+        proxy_cluster_id=None,
+        secret_store_id=None,
+        subdomain=None,
+        tags=None,
+        tls_required=None,
+        username=None,
+    ):
+        self.bind_interface = bind_interface if bind_interface is not None else ''
+        '''
+         The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
+        '''
+        self.egress_filter = egress_filter if egress_filter is not None else ''
+        '''
+         A filter applied to the routing logic to pin datasource to nodes.
+        '''
+        self.healthy = healthy if healthy is not None else False
+        '''
+         True if the datasource is reachable and the credentials are valid.
+        '''
+        self.hostname = hostname if hostname is not None else ''
+        '''
+         The host to dial to initiate a connection from the egress node to this resource.
+        '''
+        self.id = id if id is not None else ''
+        '''
+         Unique identifier of the Resource.
+        '''
+        self.name = name if name is not None else ''
+        '''
+         Unique human-readable name of the Resource.
+        '''
+        self.password = password if password is not None else ''
+        '''
+         The password to authenticate with.
+        '''
+        self.port = port if port is not None else 0
+        '''
+         The port to dial to initiate a connection from the egress node to this resource.
+        '''
+        self.port_override = port_override if port_override is not None else 0
+        '''
+         The local port used by clients to connect to this resource.
+        '''
+        self.proxy_cluster_id = proxy_cluster_id if proxy_cluster_id is not None else ''
+        '''
+         ID of the proxy cluster for this resource, if any.
+        '''
+        self.secret_store_id = secret_store_id if secret_store_id is not None else ''
+        '''
+         ID of the secret store containing credentials for this resource, if any.
+        '''
+        self.subdomain = subdomain if subdomain is not None else ''
+        '''
+         Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
+        '''
+        self.tags = tags if tags is not None else _porcelain_zero_value_tags()
+        '''
+         Tags is a map of key, value pairs.
+        '''
+        self.tls_required = tls_required if tls_required is not None else False
+        '''
+         If set, TLS must be used to connect to this resource.
+        '''
+        self.username = username if username is not None else ''
+        '''
+         The username to authenticate with.
+        '''
+
+    def __repr__(self):
+        return '<sdm.AMQP ' + \
+            'bind_interface: ' + repr(self.bind_interface) + ' ' +\
+            'egress_filter: ' + repr(self.egress_filter) + ' ' +\
+            'healthy: ' + repr(self.healthy) + ' ' +\
+            'hostname: ' + repr(self.hostname) + ' ' +\
+            'id: ' + repr(self.id) + ' ' +\
+            'name: ' + repr(self.name) + ' ' +\
+            'password: ' + repr(self.password) + ' ' +\
+            'port: ' + repr(self.port) + ' ' +\
+            'port_override: ' + repr(self.port_override) + ' ' +\
+            'proxy_cluster_id: ' + repr(self.proxy_cluster_id) + ' ' +\
+            'secret_store_id: ' + repr(self.secret_store_id) + ' ' +\
+            'subdomain: ' + repr(self.subdomain) + ' ' +\
+            'tags: ' + repr(self.tags) + ' ' +\
+            'tls_required: ' + repr(self.tls_required) + ' ' +\
+            'username: ' + repr(self.username) + ' ' +\
+            '>'
+
+    def to_dict(self):
+        return {
+            'bind_interface': self.bind_interface,
+            'egress_filter': self.egress_filter,
+            'healthy': self.healthy,
+            'hostname': self.hostname,
+            'id': self.id,
+            'name': self.name,
+            'password': self.password,
+            'port': self.port,
+            'port_override': self.port_override,
+            'proxy_cluster_id': self.proxy_cluster_id,
+            'secret_store_id': self.secret_store_id,
+            'subdomain': self.subdomain,
+            'tags': self.tags,
+            'tls_required': self.tls_required,
+            'username': self.username,
+        }
+
+    @classmethod
+    def from_dict(cls, d):
+        return cls(
+            bind_interface=d.get('bind_interface'),
+            egress_filter=d.get('egress_filter'),
+            healthy=d.get('healthy'),
+            hostname=d.get('hostname'),
+            id=d.get('id'),
+            name=d.get('name'),
+            password=d.get('password'),
+            port=d.get('port'),
+            port_override=d.get('port_override'),
+            proxy_cluster_id=d.get('proxy_cluster_id'),
+            secret_store_id=d.get('secret_store_id'),
+            subdomain=d.get('subdomain'),
+            tags=d.get('tags'),
+            tls_required=d.get('tls_required'),
+            username=d.get('username'),
+        )
+
+
 class AWS:
     __slots__ = [
         'access_key',
@@ -4470,6 +4637,9 @@ class AmazonEKSInstanceProfile:
 
 
 class AmazonEKSInstanceProfileUserImpersonation:
+    '''
+    AmazonEKSInstanceProfileUserImpersonation is deprecated, see docs for more info.
+    '''
     __slots__ = [
         'bind_interface',
         'certificate_authority',
@@ -4645,6 +4815,9 @@ class AmazonEKSInstanceProfileUserImpersonation:
 
 
 class AmazonEKSUserImpersonation:
+    '''
+    AmazonEKSUserImpersonation is deprecated, see docs for more info.
+    '''
     __slots__ = [
         'access_key',
         'bind_interface',
@@ -5496,6 +5669,7 @@ class ApprovalWorkflow:
 class ApprovalWorkflowApprover:
     '''
          ApprovalWorkflowApprover links an approval workflow approver to an ApprovalWorkflowStep
+    ApprovalWorkflowApprover is deprecated, see docs for more info.
     '''
     __slots__ = [
         'account_id',
@@ -6047,6 +6221,7 @@ class ApprovalWorkflowListResponse:
 class ApprovalWorkflowStep:
     '''
          ApprovalWorkflowStep links an approval workflow step to an ApprovalWorkflow
+    ApprovalWorkflowStep is deprecated, see docs for more info.
     '''
     __slots__ = [
         'approval_flow_id',
@@ -7998,6 +8173,178 @@ class AzureMysql:
         )
 
 
+class AzureMysqlManagedIdentity:
+    '''
+    AzureMysqlManagedIdentity is currently unstable, and its API may change, or it may be removed,
+    without a major version bump.
+    '''
+    __slots__ = [
+        'bind_interface',
+        'database',
+        'egress_filter',
+        'healthy',
+        'hostname',
+        'id',
+        'name',
+        'password',
+        'port',
+        'port_override',
+        'proxy_cluster_id',
+        'secret_store_id',
+        'subdomain',
+        'tags',
+        'use_azure_single_server_usernames',
+        'username',
+    ]
+
+    def __init__(
+        self,
+        bind_interface=None,
+        database=None,
+        egress_filter=None,
+        healthy=None,
+        hostname=None,
+        id=None,
+        name=None,
+        password=None,
+        port=None,
+        port_override=None,
+        proxy_cluster_id=None,
+        secret_store_id=None,
+        subdomain=None,
+        tags=None,
+        use_azure_single_server_usernames=None,
+        username=None,
+    ):
+        self.bind_interface = bind_interface if bind_interface is not None else ''
+        '''
+         The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
+        '''
+        self.database = database if database is not None else ''
+        '''
+         The database for healthchecks. Does not affect client requests.
+        '''
+        self.egress_filter = egress_filter if egress_filter is not None else ''
+        '''
+         A filter applied to the routing logic to pin datasource to nodes.
+        '''
+        self.healthy = healthy if healthy is not None else False
+        '''
+         True if the datasource is reachable and the credentials are valid.
+        '''
+        self.hostname = hostname if hostname is not None else ''
+        '''
+         The host to dial to initiate a connection from the egress node to this resource.
+        '''
+        self.id = id if id is not None else ''
+        '''
+         Unique identifier of the Resource.
+        '''
+        self.name = name if name is not None else ''
+        '''
+         Unique human-readable name of the Resource.
+        '''
+        self.password = password if password is not None else ''
+        '''
+         The password to authenticate with.
+        '''
+        self.port = port if port is not None else 0
+        '''
+         The port to dial to initiate a connection from the egress node to this resource.
+        '''
+        self.port_override = port_override if port_override is not None else 0
+        '''
+         The local port used by clients to connect to this resource.
+        '''
+        self.proxy_cluster_id = proxy_cluster_id if proxy_cluster_id is not None else ''
+        '''
+         ID of the proxy cluster for this resource, if any.
+        '''
+        self.secret_store_id = secret_store_id if secret_store_id is not None else ''
+        '''
+         ID of the secret store containing credentials for this resource, if any.
+        '''
+        self.subdomain = subdomain if subdomain is not None else ''
+        '''
+         Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
+        '''
+        self.tags = tags if tags is not None else _porcelain_zero_value_tags()
+        '''
+         Tags is a map of key, value pairs.
+        '''
+        self.use_azure_single_server_usernames = use_azure_single_server_usernames if use_azure_single_server_usernames is not None else False
+        '''
+         If true, appends the hostname to the username when hitting a database.azure.com address
+        '''
+        self.username = username if username is not None else ''
+        '''
+         The username to authenticate with.
+        '''
+
+    def __repr__(self):
+        return '<sdm.AzureMysqlManagedIdentity ' + \
+            'bind_interface: ' + repr(self.bind_interface) + ' ' +\
+            'database: ' + repr(self.database) + ' ' +\
+            'egress_filter: ' + repr(self.egress_filter) + ' ' +\
+            'healthy: ' + repr(self.healthy) + ' ' +\
+            'hostname: ' + repr(self.hostname) + ' ' +\
+            'id: ' + repr(self.id) + ' ' +\
+            'name: ' + repr(self.name) + ' ' +\
+            'password: ' + repr(self.password) + ' ' +\
+            'port: ' + repr(self.port) + ' ' +\
+            'port_override: ' + repr(self.port_override) + ' ' +\
+            'proxy_cluster_id: ' + repr(self.proxy_cluster_id) + ' ' +\
+            'secret_store_id: ' + repr(self.secret_store_id) + ' ' +\
+            'subdomain: ' + repr(self.subdomain) + ' ' +\
+            'tags: ' + repr(self.tags) + ' ' +\
+            'use_azure_single_server_usernames: ' + repr(self.use_azure_single_server_usernames) + ' ' +\
+            'username: ' + repr(self.username) + ' ' +\
+            '>'
+
+    def to_dict(self):
+        return {
+            'bind_interface': self.bind_interface,
+            'database': self.database,
+            'egress_filter': self.egress_filter,
+            'healthy': self.healthy,
+            'hostname': self.hostname,
+            'id': self.id,
+            'name': self.name,
+            'password': self.password,
+            'port': self.port,
+            'port_override': self.port_override,
+            'proxy_cluster_id': self.proxy_cluster_id,
+            'secret_store_id': self.secret_store_id,
+            'subdomain': self.subdomain,
+            'tags': self.tags,
+            'use_azure_single_server_usernames':
+            self.use_azure_single_server_usernames,
+            'username': self.username,
+        }
+
+    @classmethod
+    def from_dict(cls, d):
+        return cls(
+            bind_interface=d.get('bind_interface'),
+            database=d.get('database'),
+            egress_filter=d.get('egress_filter'),
+            healthy=d.get('healthy'),
+            hostname=d.get('hostname'),
+            id=d.get('id'),
+            name=d.get('name'),
+            password=d.get('password'),
+            port=d.get('port'),
+            port_override=d.get('port_override'),
+            proxy_cluster_id=d.get('proxy_cluster_id'),
+            secret_store_id=d.get('secret_store_id'),
+            subdomain=d.get('subdomain'),
+            tags=d.get('tags'),
+            use_azure_single_server_usernames=d.get(
+                'use_azure_single_server_usernames'),
+            username=d.get('username'),
+        )
+
+
 class AzurePostgres:
     __slots__ = [
         'bind_interface',
@@ -13198,6 +13545,9 @@ class GoogleGKE:
 
 
 class GoogleGKEUserImpersonation:
+    '''
+    GoogleGKEUserImpersonation is deprecated, see docs for more info.
+    '''
     __slots__ = [
         'bind_interface',
         'certificate_authority',
@@ -16011,6 +16361,9 @@ class KubernetesServiceAccount:
 
 
 class KubernetesServiceAccountUserImpersonation:
+    '''
+    KubernetesServiceAccountUserImpersonation is deprecated, see docs for more info.
+    '''
     __slots__ = [
         'bind_interface',
         'egress_filter',
@@ -16159,6 +16512,9 @@ class KubernetesServiceAccountUserImpersonation:
 
 
 class KubernetesUserImpersonation:
+    '''
+    KubernetesUserImpersonation is deprecated, see docs for more info.
+    '''
     __slots__ = [
         'bind_interface',
         'certificate_authority',
@@ -16324,6 +16680,132 @@ class KubernetesUserImpersonation:
         )
 
 
+class LogCategoryConfig:
+    __slots__ = [
+        'remote_discard_replays',
+        'remote_encoder',
+    ]
+
+    def __init__(
+        self,
+        remote_discard_replays=None,
+        remote_encoder=None,
+    ):
+        self.remote_discard_replays = remote_discard_replays if remote_discard_replays is not None else False
+        '''
+         Indicates if the Organization should exclude replay data from remote logging for the log category.
+        '''
+        self.remote_encoder = remote_encoder if remote_encoder is not None else ''
+        '''
+         The Organization's remote log encryption encoder, one of the LogRemoteEncoder constants.
+        '''
+
+    def __repr__(self):
+        return '<sdm.LogCategoryConfig ' + \
+            'remote_discard_replays: ' + repr(self.remote_discard_replays) + ' ' +\
+            'remote_encoder: ' + repr(self.remote_encoder) + ' ' +\
+            '>'
+
+    def to_dict(self):
+        return {
+            'remote_discard_replays': self.remote_discard_replays,
+            'remote_encoder': self.remote_encoder,
+        }
+
+    @classmethod
+    def from_dict(cls, d):
+        return cls(
+            remote_discard_replays=d.get('remote_discard_replays'),
+            remote_encoder=d.get('remote_encoder'),
+        )
+
+
+class LogConfig:
+    __slots__ = [
+        'categories',
+        'local_encoder',
+        'local_format',
+        'local_socket_path',
+        'local_storage',
+        'local_tcp_address',
+        'public_key',
+    ]
+
+    def __init__(
+        self,
+        categories=None,
+        local_encoder=None,
+        local_format=None,
+        local_socket_path=None,
+        local_storage=None,
+        local_tcp_address=None,
+        public_key=None,
+    ):
+        self.categories = categories if categories is not None else _porcelain_zero_value_log_category_config_map(
+        )
+        '''
+         The Organization's log category configuration settings.
+        '''
+        self.local_encoder = local_encoder if local_encoder is not None else ''
+        '''
+         The Organization's local log encryption encoder, one of the LogLocalEncoder constants.
+        '''
+        self.local_format = local_format if local_format is not None else ''
+        '''
+         The Organization's local log format, one of the LogLocalFormat constants.
+        '''
+        self.local_socket_path = local_socket_path if local_socket_path is not None else ''
+        '''
+         The Organization's local log socket path.
+        '''
+        self.local_storage = local_storage if local_storage is not None else ''
+        '''
+         The Organization's local log storage, one of the LogLocalStorage constants.
+        '''
+        self.local_tcp_address = local_tcp_address if local_tcp_address is not None else ''
+        '''
+         The Organization's local log TCP address.
+        '''
+        self.public_key = public_key if public_key is not None else ''
+        '''
+         The Organization's public key in PEM format for encrypting logs.
+        '''
+
+    def __repr__(self):
+        return '<sdm.LogConfig ' + \
+            'categories: ' + repr(self.categories) + ' ' +\
+            'local_encoder: ' + repr(self.local_encoder) + ' ' +\
+            'local_format: ' + repr(self.local_format) + ' ' +\
+            'local_socket_path: ' + repr(self.local_socket_path) + ' ' +\
+            'local_storage: ' + repr(self.local_storage) + ' ' +\
+            'local_tcp_address: ' + repr(self.local_tcp_address) + ' ' +\
+            'public_key: ' + repr(self.public_key) + ' ' +\
+            '>'
+
+    def to_dict(self):
+        return {
+            'categories': self.categories,
+            'local_encoder': self.local_encoder,
+            'local_format': self.local_format,
+            'local_socket_path': self.local_socket_path,
+            'local_storage': self.local_storage,
+            'local_tcp_address': self.local_tcp_address,
+            'public_key': self.public_key,
+        }
+
+    @classmethod
+    def from_dict(cls, d):
+        return cls(
+            categories=d.get('categories'),
+            local_encoder=d.get('local_encoder'),
+            local_format=d.get('local_format'),
+            local_socket_path=d.get('local_socket_path'),
+            local_storage=d.get('local_storage'),
+            local_tcp_address=d.get('local_tcp_address'),
+            public_key=d.get('public_key'),
+        )
+
+
 class MTLSMysql:
     '''
     MTLSMysql is currently unstable, and its API may change, or it may be removed,
@@ -20288,6 +20770,7 @@ class Organization:
         'idle_timeout',
         'idle_timeout_enabled',
         'kind',
+        'log_config',
         'log_local_encoder',
         'log_local_format',
         'log_local_storage',
@@ -20322,6 +20805,7 @@ class Organization:
         idle_timeout=None,
         idle_timeout_enabled=None,
         kind=None,
+        log_config=None,
         log_local_encoder=None,
         log_local_format=None,
         log_local_storage=None,
@@ -20363,6 +20847,7 @@ class Organization:
         self.discard_replays = discard_replays if discard_replays is not None else False
         '''
          Indicates if the Organization should drop replay data for SSH, RDP, and K8s logs.
+         Deprecated: use categories specific log_config.categories[].remote_discard_replays instead
         '''
         self.enforce_single_session = enforce_single_session if enforce_single_session is not None else False
         '''
@@ -20380,29 +20865,39 @@ class Organization:
         '''
          The Organization's type, one of the OrgKind constants.
         '''
+        self.log_config = log_config if log_config is not None else None
+        '''
+         The Organization's logging settings
+        '''
         self.log_local_encoder = log_local_encoder if log_local_encoder is not None else ''
         '''
          The Organization's local log encryption encoder, one of the LogLocalEncoder constants.
+         Deprecated: use log_config.local_encoder instead
         '''
         self.log_local_format = log_local_format if log_local_format is not None else ''
         '''
          The Organization's local log format, one of the LogLocalFormat constants.
+         Deprecated: use log_config.local_format instead
         '''
         self.log_local_storage = log_local_storage if log_local_storage is not None else ''
         '''
          The Organization's local log storage, one of the LogLocalStorage constants.
+         Deprecated: use log_config.local_storage instead
         '''
         self.log_remote_encoder = log_remote_encoder if log_remote_encoder is not None else ''
         '''
          The Organization's remote log encryption encoder, one of the LogRemoteEncoder constants.
+         Deprecated: use categories specific log_config.categories[].remote_encoder instead
         '''
         self.log_socket_path = log_socket_path if log_socket_path is not None else ''
         '''
          The Organization's socket path for Socket local log storage.
+         Deprecated: use log_config.local_socket_path instead
         '''
         self.log_tcp_address = log_tcp_address if log_tcp_address is not None else ''
         '''
          The Organization's TCP address for TCP or Syslog local log storage.
+         Deprecated: use log_config.local_tcp_address instead
         '''
         self.loopback_range = loopback_range if loopback_range is not None else ''
         '''
@@ -20423,6 +20918,7 @@ class Organization:
         self.public_key_pem = public_key_pem if public_key_pem is not None else ''
         '''
          The Organization's public key PEM for encrypting remote logs.
+         Deprecated: use log_config.public_key instead
         '''
         self.require_secret_store = require_secret_store if require_secret_store is not None else False
         '''
@@ -20476,6 +20972,7 @@ class Organization:
             'idle_timeout: ' + repr(self.idle_timeout) + ' ' +\
             'idle_timeout_enabled: ' + repr(self.idle_timeout_enabled) + ' ' +\
             'kind: ' + repr(self.kind) + ' ' +\
+            'log_config: ' + repr(self.log_config) + ' ' +\
             'log_local_encoder: ' + repr(self.log_local_encoder) + ' ' +\
             'log_local_format: ' + repr(self.log_local_format) + ' ' +\
             'log_local_storage: ' + repr(self.log_local_storage) + ' ' +\
@@ -20510,6 +21007,7 @@ class Organization:
             'idle_timeout': self.idle_timeout,
             'idle_timeout_enabled': self.idle_timeout_enabled,
             'kind': self.kind,
+            'log_config': self.log_config,
             'log_local_encoder': self.log_local_encoder,
             'log_local_format': self.log_local_format,
             'log_local_storage': self.log_local_storage,
@@ -20547,6 +21045,7 @@ class Organization:
             idle_timeout=d.get('idle_timeout'),
             idle_timeout_enabled=d.get('idle_timeout_enabled'),
             kind=d.get('kind'),
+            log_config=d.get('log_config'),
             log_local_encoder=d.get('log_local_encoder'),
             log_local_format=d.get('log_local_format'),
             log_local_storage=d.get('log_local_storage'),
@@ -31134,6 +31633,7 @@ class Workflow:
 class WorkflowApprover:
     '''
          WorkflowApprover is an account or a role with the ability to approve requests bound to a workflow.
+    WorkflowApprover is deprecated, see docs for more info.
     '''
     __slots__ = [
         'account_id',
@@ -32172,3 +32672,7 @@ def _porcelain_zero_value_access_rules():
 
 def _porcelain_zero_value_access_rule():
     return {}
+
+
+def _porcelain_zero_value_log_category_config_map():
+    return {}