illumio v1.1.3

Version 1.1.3 (2023-02-10)

NEW FEATURES:

• add PolicyComputeEngine.set_tls_settings function to update verify and cert values for PCE requests session
• add PolicyComputeEngine.must_connect function to complement check_connection, raising the exception on failure rather than suppressing it

BUG FIXES:

• fix issue where PCE request could throw NoneType exception if incorrectly configured

illumio v1.1.2

Version 1.1.2 (2022-10-17)

BUG FIXES

• fix check_connection call to avoid 404s on some PCEs

NEW FEATURES

• add default timeout to PolicyComputeEngine requests session
  • add PolicyComputeEngine.set_timeout function to update timeout
• add _PCEAPIObject.get_by_name function as a convenience method for finding an exact name match

illumio v1.1.1

Version 1.1.1 (2022-09-02)

BUG FIXES:

• fix check_connection call to work with SaaS PCEs

illumio v1.1.0

Version 1.1.0 (2022-08-18)

NEW FEATURES:

• readthedocs documentation generated with Sphinx

  • API documentation
  • install guide
  • user guide
  • common use-cases
  • advanced usage

• add illumio.events module

  • adds /events PCE API endpoint

• add PolicyComputeEngine.get_default_service function

• added constant values to illumio.util.constants

  • ALL_SERVICES_NAME - default All Services Service object name
  • RESOLVE_AS_WORKLOADS - rule label resolution as workloads
  • RESOLVE_AS_VIRTUAL_SERVICES - rule label resolution as virtual services
  • ICMP_CODE_MAX - ICMP Code max value
  • ICMP_TYPE_MAX - ICMP Type max value

• add enumerations to illumio.util.constants

  • ApplyTo - enum in place of Virtual Service module constants
  • VENType - enum for VEN.ven_type field
  • ChangeType - enum for ResourceEvent.change_type field
  • EventSeverity - enum for BaseEvent.severity field
  • EventStatus - enum for BaseEvent.status field

• add illumio.util.jsonutils.Error dataclass to capture API error responses

IMPROVEMENTS:

• update illumio.rules.Rule.build function to use ['workloads'] as consumer/provider label resolution default
• broad improvements to pydoc
• add __all__ to all modules
• bug fixes and type hint improvements

illumio v1.0.4

Version 1.0.4 (2022-08-16)

BUG FIXES:

• add FirewallCoexistence object to fix decoded Workload.firewall_coexistence data type

illumio v1.0.3

Version 1.0.3 (2022-08-13)

NEW FEATURES:

• add PORT_MAX constant to util.constants
• add IllumioIntegerValidationException class
• add int validation helper function

IMPROVEMENTS:

• validate PolicyComputeEngine org_id and port values on init
• build URL for each request PolicyComputeEngine
• add private member vars for scheme/hostname/port/version
• update PolicyComputeEngine.check_connection to make a second call to validate org_id

illumio v1.0.2

Version 1.0.2 (2022-07-06)

IMPROVEMENTS:

• illumio.workloads.pairingprofile.PairingProfile - add custom encoder to enforce strict type checking for key_lifespan and allowed_uses_per_key fields
• improve unit and integration tests
  • illumio.policyobjects.service.Service - add unit test suite for /services API
• illumio.policyobjects.label.LabelSet - add custom equality function that ignores labels list ordering

illumio v1.0.1

Version 1.0.1 (2022-06-25)

NEW FEATURES:

• illumio.infrastructure.containercluster.ContainerWorkloadProfiles - add container clusters workload profiles API
• add stub for /users api
• make the include_org default configurable as a PolicyComputeEngine class attribute

IMPROVEMENTS:

• flesh out and document /container_clusters API
• move flatten_ref and resolve_enum functions to JSON encoding to avoid side-effects when creating JsonObject instances
• add sweeper module for integration test teardown
• add unit and integration tests for container clusters and workload profiles
• add unit tests to validate different request paths and include_org values

illumio v1.0.0

Version 1.0.0 (2022-06-16)

MAJOR CHANGES:

• change PolicyComputeEngine CRUD interfaces from static functions to a generic internal class (illumio.pce._PCEObjectAPI) that checks against dynamically registered endpoints

NEW FEATURES:

• CRUD operations for new model
  • illumio.pce._PCEObjectAPI::create
  • illumio.pce._PCEObjectAPI::get
  • illumio.pce._PCEObjectAPI::update
  • illumio.pce._PCEObjectAPI::delete
• illumio.pce._PCEObjectAPI::get_by_reference - given a type that can be decomposed in an HREF, get the single object it represents
• illumio.pce._PCEObjectAPI::get_async - async collection get
• illumio.pce._PCEObjectAPI::get_all - fetch all objects of the specified type by checking X-Total-Count
• add bulk operation functions
  • illumio.pce._PCEObjectAPI::bulk_create - can be used with workloads, virtual services, and security principals
  • illumio.pce._PCEObjectAPI::bulk_update - can be used with workloads and virtual services
  • illumio.pce._PCEObjectAPI::bulk_delete - can be used with workloads

REMOVED:

• illumio.util.constants.Mode - deprecated in PCE . replaced by illumio.util.constants.EnforcementMode in later versions of the PCE
• illumio.rules.Ruleset - renamed illumio.rules.RuleSet for internal consistency
• illumio.pce.PolicyComputeEngine functions
  • _get_policy_objects - change /sec_policy request behaviour for new functions to only return draft or active objects based on policy_version parameter
  • get_virtual_service - replaced by PolicyComputeEngine.virtual_services::get_by_reference
  • get_virtual_services - replaced by PolicyComputeEngine.virtual_services::get
  • get_virtual_services_by_name - deprecated in v0.8.0
  • create_virtual_service - replaced by PolicyComputeEngine.virtual_services::create
  • create_service_binding - deprecated in v0.8.2
  • create_service_bindings - replaced by PolicyComputeEngine.service_bindings::create
  • get_ip_list - replaced by PolicyComputeEngine.ip_lists::get_by_reference
  • get_ip_lists - replaced by PolicyComputeEngine.ip_lists::get
  • get_ip_lists_by_name - deprecated in v0.8.0
  • create_ip_list - replaced by PolicyComputeEngine.ip_lists::create
  • get_ruleset - replaced by PolicyComputeEngine.rule_sets::get_by_reference
  • get_rulesets - replaced by PolicyComputeEngine.rule_sets::get
  • get_rulesets_by_name - deprecated in v0.8.0
  • create_ruleset - replaced by PolicyComputeEngine.rule_sets::create
  • create_rule - replaced by PolicyComputeEngine.rules::create
  • get_enforcement_boundary - replaced by PolicyComputeEngine.enforcement_boundaries::get_by_reference
  • get_enforcement_boundaries - replaced by PolicyComputeEngine.enforcement_boundaries::get
  • get_enforcement_boundaries_by_name - deprecated in v0.8.0
  • create_enforcement_boundary - replaced by PolicyComputeEngine.enforcement_boundaries::create
  • get_pairing_profile - replaced by PolicyComputeEngine.pairing_profiles::get_by_reference
  • get_pairing_profiles - replaced by PolicyComputeEngine.pairing_profiles::get
  • get_pairing_profiles_by_name - deprecated in v0.8.0
  • create_pairing_profile - replaced by PolicyComputeEngine.pairing_profiles::create
  • update_pairing_profile - replaced by PolicyComputeEngine.pairing_profiles::update
  • delete_pairing_profile - replaced by PolicyComputeEngine.pairing_profiles::delete
  • get_workload - replaced by PolicyComputeEngine.workloads::get_by_reference
  • get_workloads - replaced by PolicyComputeEngine.workloads::get
  • update_workload_enforcement_modes - replaced with a more generic bulk_update
• illumio.util.jsonutils.ModifiableObject - changed name to MutableObject
• illumio.util.jsonutils.UnmodifiableObject - changed name to ImmutableObject

IMPROVEMENTS:

• update core JsonObject logic to perform type-based validation
• improve handling of reference types for JSON encoding
• improve URL building to be less strict
• improve tests and add integration test suite

NOTES:

• remove deprecation warning from illumio.util.functions::convert_protocol

illumio v0.8.4

Version 0.8.4 (2022-05-27)

• add CRUD operation functions for pairing profile objects to the PCE interface
• add pairing profile tests
• improve mock test scaffolding
• change IllumioEnum to metaclass and replace has_value with contains builtin