controllers.principals_controller module

class controllers.principals_controller.PrincipalsController(config=None, client=None, call_back=None)[source]

Bases: cohesity_management_sdk.controllers.base_controller.BaseController

A Controller to access Endpoints in the cohesity_management_sdk API.

create_reset_s_3_secret_key(body=None)[source]

Does a POST request to /public/users/s3SecretKey.

Returns the new key that was generated.

Args:
body (ResetS3SecretKeyParameters, optional): Request to reset the

S3 secret access key for the specified Cohesity user.

Returns:
NewS3SecretAccessKey: Response from the API. New S3 Secret Access

Key.

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

create_user(body=None)[source]

Does a POST request to /public/users.

If an Active Directory domain is specified, a new user is added to the Cohesity Cluster for the specified Active Directory user principal. If the LOCAL domain is specified, a new user is created directly in the default LOCAL domain on the Cohesity Cluster. Returns the created or added user.

Args:
body (UserParameters, optional): Request to add or create a new

user.

Returns:

User: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

create_user_api_key(sid, body)[source]

Does a POST request to /public/users/{sid}/apiKeys.

Create an API key for user.

Args:

sid (string): Specifies the user sid. body (CreateApiKeyParams): Request to create an API key.

Returns:
CreatedApiKey: Response from the API. Get lock file status

response

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

delete_user_api_key(sid, id)[source]

Does a DELETE request to /public/users/{sid}/apiKeys/{id}.

Delete an API key for user.

Args:

sid (string): Specifies the user sid. id (string): Specifies the API key id.

Returns:

void: Response from the API. No Content

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

delete_users(body=None)[source]

Does a DELETE request to /public/users.

Only users from the same domain can be deleted by a single request. If the Cohesity user was created for an Active Directory user, the referenced principal user on the Active Directory domain is NOT deleted. Only the user on the Cohesity Cluster is deleted. Returns Success if the specified users are deleted.

Args:
body (UserDeleteParameters, optional): Request to delete one or

more users on the Cohesity Cluster.

Returns:

void: Response from the API. No Content

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

get_all_user_api_keys(user_sids=None)[source]

Does a GET request to /public/usersApiKeys.

Fetch API keys across all users.

Args:
user_sids (list of string, optional): Specifies a list of user

sids.

Returns:

list of ApiKey: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

get_session_user()[source]

Does a GET request to /public/sessionUser.

Get the information of the logged in user.

Returns:

User: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

get_user_api_key_by_id(id, sid)[source]

Does a GET request to /public/users/{sid}/apiKeys/{id}.

Fetch an API key for user by its id.

Args:

id (string): Specifies the API key id. sid (string): Specifies the user sid.

Returns:

ApiKey: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

get_user_api_keys(sid, ids=None)[source]

Does a GET request to /public/users/{sid}/apiKeys.

Fetch API keys for user.

Args:

sid (string): Specifies the user sid. ids (list of string, optional): Specifies a list of API key ids.

Returns:
list of ApiKey: Response from the API. Get lock file status

response

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

get_user_privileges()[source]

Does a GET request to /public/users/privileges.

List the privileges of the session user.

Returns:

list of string: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

get_users(tenant_ids=None, all_under_hierarchy=None, usernames=None, email_addresses=None, domain=None, partial_match=None)[source]

Does a GET request to /public/users.

If no parameters are specified, all users currently on the Cohesity Cluster are returned. Specifying parameters filters the results that are returned.

Args:
tenant_ids (list of string, optional): TenantIds contains ids of

the tenants for which objects are to be returned.

all_under_hierarchy (bool, optional): AllUnderHierarchy specifies

if objects of all the tenants under the hierarchy of the logged in user’s organization should be returned.

usernames (list of string, optional): Optionally specify a list of

usernames to filter by. All users containing username will be returned.

email_addresses (list of string, optional): Optionally specify a

list of email addresses to filter by.

domain (string, optional): Optionally specify a domain to filter

by. If no domain is specified, all users on the Cohesity Cluster are searched. If a domain is specified, only users on the Cohesity Cluster associated with that domain are searched.

partial_match (bool, optional): Optionally specify whether to

enable partial match. If set, all users with name containing Usernames will be returned. If set to false, only users with exact the same name as Usernames will be returned. By default this parameter is set to true.

Returns:

list of User: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

linux_support_user_bash_shell_access(body)[source]

Does a PUT request to /public/users/linuxSupportUserBashShellAccess.

Requests Linux ‘support’ user bash shell access.

Args:

body (LinuxSupportUserBashShellAccessReqParams): Request to update a View.

Returns:

LinuxSupportUserBashShellAccessResult: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

linux_support_user_sudo_access(body)[source]

Does a PUT request to /public/users/linuxSupportUserSudoAccess.

Requests Linux ‘support’ user sudo access.

Args:

body (LinuxSupportUserSudoAccessReqParams): Request to update a View.

Returns:

LinuxSupportUserSudoAccessResult: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

list_sources_for_principals(sids=None)[source]

Does a GET request to /public/principals/protectionSources.

From the passed in list principals (specified by SIDs), return the list of Protection Sources objects and View names that each principal has permission to access.

Args:
sids (list of string, optional): Specifies a list of security

identifiers (SIDs) that specify user or group principals.

Returns:

list of SourcesForSid: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

rotate_user_api_key(id, sid)[source]

Does a POST request to /public/users/{sid}/apiKeys/{id}/rotate.

Fetch an API key for user by its id.

Args:

sid (string): Specifies the user sid. id (string) Specifies the API key id.

Returns:

CreatedApiKey: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

search_principals(domain=None, object_class=None, search=None, sids=None, include_computers=None)[source]

Does a GET request to /public/principals/searchPrincipals.

Optionally, limit the search results by specifying security identifiers (SIDs), an object class (user or group) or a substring. You can specify SIDs or a substring but not both.

Args:
domain (string, optional): Specifies the domain name of the

principals to search. If specified the principals in that domain are searched. Domain could be an Active Directory domain joined by the Cluster or any one of the trusted domains of the Active Directory domain or the LOCAL domain. If not specified, all the domains are searched.

object_class (ObjectClassSearchPrincipalsEnum, optional):

Optionally filter by a principal object class such as ‘kGroup’ or ‘kUser’. If ‘kGroup’ is specified, only group principals are returned. If ‘kUser’ is specified, only user principals are returned. If not specified, both group and user principals are returned. ‘kUser’ specifies a user object class. ‘kGroup’ specifies a group object class. ‘kComputer’ specifies a computer object class. ‘kWellKnownPrincipal’ specifies a well known principal.

search (string, optional): Optionally filter by matching a

substring. Only principals in the with a name or sAMAccountName that matches part or all of the specified substring are returned. If specified, a ‘sids’ parameter should not be specified.

sids (list of string, optional): Optionally filter by a list of

security identifiers (SIDs) found in the specified domain. Only principals matching the specified SIDs are returned. If specified, a ‘search’ parameter should not be specified.

include_computers (bool, optional): Specifies if Computer/GMSA

accounts need to be included in this search.

Returns:

list of Principal: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

update_linux_credentials(body)[source]

Does a PUT request to /public/users/linuxPassword.

Update linux user password.

Args:

body (UpdateLinuxPasswordReqParams): Request to update a View.

Returns:

UpdateLinuxPasswordResult: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

update_sources_for_principals(body)[source]

Does a PUT request to /public/principals/protectionSources.

Specify the security identifier (SID) of the principal to grant access permissions for.

Args:
body (UpdateSourcesForPrincipalsParams): Request to set access

permissions to Protection Sources and Views for a principal.

Returns:

void: Response from the API. No Content

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

update_user(body=None)[source]

Does a PUT request to /public/users.

Returns the user that was updated on the Cohesity Cluster.

Args:

body (User, optional): Request to update an existing user.

Returns:

User: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.

update_user_api_key(sid, id, body)[source]

Does a PUT request to /public/users/{sid}/apiKeys/{id}.

Update an API key.

Args:

sid (string): Specifies the user sid. id (string): Specifies the API key id. body (UpdateApiKeyParams): Request to update an API key.

Returns:

CreatedApiKey: Response from the API. Success

Raises:
APIException: When an error occurs while fetching the data from

the remote API. This exception includes the HTTP Response code, an error message, and the HTTP body that was received in the request.