# Magic Transit ## Domain Types ### Health Check - `class HealthCheck: …` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` ### Health Check Rate - `Literal["low", "mid", "high"]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` ### Health Check Type - `Literal["reply", "request"]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` # Apps ## List Apps `magic_transit.apps.list(AppListParams**kwargs) -> SyncSinglePage[AppListResponse]` **get** `/accounts/{account_id}/magic/apps` Lists Apps associated with an account. ### Parameters - `account_id: str` Identifier ### Returns - `AppListResponse` Collection of Hostnames and/or IP Subnets to associate with traffic decisions. - `class MagicAccountApp: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. - `class MagicManagedApp: …` Managed app defined by Cloudflare. - `managed_app_id: str` Managed app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.apps.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "account_app_id": "ac60d3d0435248289d446cedd870bcf4", "hostnames": [ "auth.cloudflare.com" ], "ip_subnets": [ "192.0.2.0/24" ], "name": "Cloudflare Dashboard", "source_subnets": [ "192.0.2.0/24" ], "type": "Development" } ], "success": true } ``` ## Create a new App `magic_transit.apps.create(AppCreateParams**kwargs) -> AppCreateResponse` **post** `/accounts/{account_id}/magic/apps` Creates a new App for an account ### Parameters - `account_id: str` Identifier - `name: str` Display name for the app. - `type: str` Category of the app. - `hostnames: Optional[SequenceNotStr[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[SequenceNotStr[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `source_subnets: Optional[SequenceNotStr[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) ### Returns - `class AppCreateResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) app = client.magic_transit.apps.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", name="Cloudflare Dashboard", type="Development", ) print(app.account_app_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "account_app_id": "ac60d3d0435248289d446cedd870bcf4", "hostnames": [ "auth.cloudflare.com" ], "ip_subnets": [ "192.0.2.0/24" ], "name": "Cloudflare Dashboard", "source_subnets": [ "192.0.2.0/24" ], "type": "Development" }, "success": true } ``` ## Update an App `magic_transit.apps.update(straccount_app_id, AppUpdateParams**kwargs) -> AppUpdateResponse` **put** `/accounts/{account_id}/magic/apps/{account_app_id}` Updates an Account App ### Parameters - `account_id: str` Identifier - `account_app_id: str` Identifier - `hostnames: Optional[SequenceNotStr[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[SequenceNotStr[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[SequenceNotStr[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### Returns - `class AppUpdateResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) app = client.magic_transit.apps.update( account_app_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(app.account_app_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "account_app_id": "ac60d3d0435248289d446cedd870bcf4", "hostnames": [ "auth.cloudflare.com" ], "ip_subnets": [ "192.0.2.0/24" ], "name": "Cloudflare Dashboard", "source_subnets": [ "192.0.2.0/24" ], "type": "Development" }, "success": true } ``` ## Update an App `magic_transit.apps.edit(straccount_app_id, AppEditParams**kwargs) -> AppEditResponse` **patch** `/accounts/{account_id}/magic/apps/{account_app_id}` Updates an Account App ### Parameters - `account_id: str` Identifier - `account_app_id: str` Identifier - `hostnames: Optional[SequenceNotStr[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[SequenceNotStr[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[SequenceNotStr[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### Returns - `class AppEditResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.apps.edit( account_app_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(response.account_app_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "account_app_id": "ac60d3d0435248289d446cedd870bcf4", "hostnames": [ "auth.cloudflare.com" ], "ip_subnets": [ "192.0.2.0/24" ], "name": "Cloudflare Dashboard", "source_subnets": [ "192.0.2.0/24" ], "type": "Development" }, "success": true } ``` ## Delete Account App `magic_transit.apps.delete(straccount_app_id, AppDeleteParams**kwargs) -> AppDeleteResponse` **delete** `/accounts/{account_id}/magic/apps/{account_app_id}` Deletes specific Account App. ### Parameters - `account_id: str` Identifier - `account_app_id: str` Identifier ### Returns - `class AppDeleteResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) app = client.magic_transit.apps.delete( account_app_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(app.account_app_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "account_app_id": "ac60d3d0435248289d446cedd870bcf4", "hostnames": [ "auth.cloudflare.com" ], "ip_subnets": [ "192.0.2.0/24" ], "name": "Cloudflare Dashboard", "source_subnets": [ "192.0.2.0/24" ], "type": "Development" }, "success": true } ``` ## Domain Types ### App List Response - `AppListResponse` Collection of Hostnames and/or IP Subnets to associate with traffic decisions. - `class MagicAccountApp: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. - `class MagicManagedApp: …` Managed app defined by Cloudflare. - `managed_app_id: str` Managed app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### App Create Response - `class AppCreateResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### App Update Response - `class AppUpdateResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### App Edit Response - `class AppEditResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. ### App Delete Response - `class AppDeleteResponse: …` Custom app defined for an account. - `account_app_id: str` Magic account app ID. - `hostnames: Optional[List[str]]` FQDNs to associate with traffic decisions. - `ip_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `name: Optional[str]` Display name for the app. - `source_subnets: Optional[List[str]]` IPv4 CIDRs to associate with traffic decisions. (IPv6 CIDRs are currently unsupported) - `type: Optional[str]` Category of the app. # Cf Interconnects ## List interconnects `magic_transit.cf_interconnects.list(CfInterconnectListParams**kwargs) -> CfInterconnectListResponse` **get** `/accounts/{account_id}/magic/cf_interconnects` Lists interconnects associated with an account. ### Parameters - `account_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class CfInterconnectListResponse: …` - `interconnects: Optional[List[Interconnect]]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[InterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) cf_interconnects = client.magic_transit.cf_interconnects.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(cf_interconnects.interconnects) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "interconnects": [ { "id": "c4a7362d577a6c3019a474fd6f485821", "automatic_return_routing": true, "colo_name": "pni_ord", "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for Interconnect to ORD", "gre": { "cloudflare_endpoint": "203.0.113.1" }, "health_check": { "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address": "192.0.2.0/31", "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "name": "pni_ord", "virtual_port_reservation_id": "c4a7362d577a6c3019a474fd6f485821" } ] }, "success": true } ``` ## List interconnect Details `magic_transit.cf_interconnects.get(strcf_interconnect_id, CfInterconnectGetParams**kwargs) -> CfInterconnectGetResponse` **get** `/accounts/{account_id}/magic/cf_interconnects/{cf_interconnect_id}` Lists details for a specific interconnect. ### Parameters - `account_id: str` Identifier - `cf_interconnect_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class CfInterconnectGetResponse: …` - `interconnect: Optional[Interconnect]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[InterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) cf_interconnect = client.magic_transit.cf_interconnects.get( cf_interconnect_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(cf_interconnect.interconnect) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "interconnect": { "id": "c4a7362d577a6c3019a474fd6f485821", "automatic_return_routing": true, "colo_name": "pni_ord", "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for Interconnect to ORD", "gre": { "cloudflare_endpoint": "203.0.113.1" }, "health_check": { "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address": "192.0.2.0/31", "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "name": "pni_ord", "virtual_port_reservation_id": "c4a7362d577a6c3019a474fd6f485821" } }, "success": true } ``` ## Update interconnect `magic_transit.cf_interconnects.update(strcf_interconnect_id, CfInterconnectUpdateParams**kwargs) -> CfInterconnectUpdateResponse` **put** `/accounts/{account_id}/magic/cf_interconnects/{cf_interconnect_id}` Updates a specific interconnect associated with an account. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `cf_interconnect_id: str` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[GRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheckParam]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class CfInterconnectUpdateResponse: …` - `modified: Optional[bool]` - `modified_interconnect: Optional[ModifiedInterconnect]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[ModifiedInterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) cf_interconnect = client.magic_transit.cf_interconnects.update( cf_interconnect_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(cf_interconnect.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_interconnect": { "id": "c4a7362d577a6c3019a474fd6f485821", "automatic_return_routing": true, "colo_name": "pni_ord", "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for Interconnect to ORD", "gre": { "cloudflare_endpoint": "203.0.113.1" }, "health_check": { "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address": "192.0.2.0/31", "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "name": "pni_ord", "virtual_port_reservation_id": "c4a7362d577a6c3019a474fd6f485821" } }, "success": true } ``` ## Update multiple interconnects `magic_transit.cf_interconnects.bulk_update(CfInterconnectBulkUpdateParams**kwargs) -> CfInterconnectBulkUpdateResponse` **put** `/accounts/{account_id}/magic/cf_interconnects` Updates multiple interconnects associated with an account. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `body: object` - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class CfInterconnectBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_interconnects: Optional[List[ModifiedInterconnect]]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[ModifiedInterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.cf_interconnects.bulk_update( account_id="023e105f4ecef8ad9ca31a8372d0c353", body={}, ) print(response.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_interconnects": [ { "id": "c4a7362d577a6c3019a474fd6f485821", "automatic_return_routing": true, "colo_name": "pni_ord", "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for Interconnect to ORD", "gre": { "cloudflare_endpoint": "203.0.113.1" }, "health_check": { "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address": "192.0.2.0/31", "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "name": "pni_ord", "virtual_port_reservation_id": "c4a7362d577a6c3019a474fd6f485821" } ] }, "success": true } ``` ## Domain Types ### Cf Interconnect List Response - `class CfInterconnectListResponse: …` - `interconnects: Optional[List[Interconnect]]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[InterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. ### Cf Interconnect Get Response - `class CfInterconnectGetResponse: …` - `interconnect: Optional[Interconnect]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[InterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. ### Cf Interconnect Update Response - `class CfInterconnectUpdateResponse: …` - `modified: Optional[bool]` - `modified_interconnect: Optional[ModifiedInterconnect]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[ModifiedInterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. ### Cf Interconnect Bulk Update Response - `class CfInterconnectBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_interconnects: Optional[List[ModifiedInterconnect]]` - `id: Optional[str]` Identifier - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `colo_name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the interconnect. - `gre: Optional[ModifiedInterconnectGRE]` The configuration specific to GRE interconnects. - `cloudflare_endpoint: Optional[str]` The IP address assigned to the Cloudflare side of the GRE tunnel created as part of the Interconnect. - `health_check: Optional[HealthCheck]` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[Target]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class TargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address: Optional[str]` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` The Maximum Transmission Unit (MTU) in bytes for the interconnect. The minimum value is 576. - `name: Optional[str]` The name of the interconnect. The name cannot share a name with other tunnels. - `virtual_port_reservation_id: Optional[str]` An identifier that correlates this interconnect with the corresponding V2 CNI interconnect resource. # GRE Tunnels ## List GRE tunnels `magic_transit.gre_tunnels.list(GRETunnelListParams**kwargs) -> GRETunnelListResponse` **get** `/accounts/{account_id}/magic/gre_tunnels` Lists GRE tunnels associated with an account. ### Parameters - `account_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class GRETunnelListResponse: …` - `gre_tunnels: Optional[List[GRETunnel]]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[GRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[GRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[GRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[GRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class GRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) gre_tunnels = client.magic_transit.gre_tunnels.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(gre_tunnels.gre_tunnels) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "gre_tunnels": [ { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_gre_endpoint": "203.0.113.1", "customer_gre_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "GRE_1", "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "ttl": 0 } ] }, "success": true } ``` ## List GRE Tunnel Details `magic_transit.gre_tunnels.get(strgre_tunnel_id, GRETunnelGetParams**kwargs) -> GRETunnelGetResponse` **get** `/accounts/{account_id}/magic/gre_tunnels/{gre_tunnel_id}` Lists informtion for a specific GRE tunnel. ### Parameters - `account_id: str` Identifier - `gre_tunnel_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class GRETunnelGetResponse: …` - `gre_tunnel: Optional[GRETunnel]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[GRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[GRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[GRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[GRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class GRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) gre_tunnel = client.magic_transit.gre_tunnels.get( gre_tunnel_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(gre_tunnel.gre_tunnel) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "gre_tunnel": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_gre_endpoint": "203.0.113.1", "customer_gre_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "GRE_1", "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "ttl": 0 } }, "success": true } ``` ## Create a GRE tunnel `magic_transit.gre_tunnels.create(GRETunnelCreateParams**kwargs) -> GRETunnelCreateResponse` **post** `/accounts/{account_id}/magic/gre_tunnels` Creates a new GRE tunnel. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[BGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[SequenceNotStr[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class GRETunnelCreateResponse: …` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[BGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[BGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) gre_tunnel = client.magic_transit.gre_tunnels.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", cloudflare_gre_endpoint="203.0.113.1", customer_gre_endpoint="203.0.113.1", interface_address="192.0.2.0/31", name="GRE_1", ) print(gre_tunnel.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_gre_endpoint": "203.0.113.1", "customer_gre_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "GRE_1", "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "ttl": 0 }, "success": true } ``` ## Update GRE Tunnel `magic_transit.gre_tunnels.update(strgre_tunnel_id, GRETunnelUpdateParams**kwargs) -> GRETunnelUpdateResponse` **put** `/accounts/{account_id}/magic/gre_tunnels/{gre_tunnel_id}` Updates a specific GRE tunnel. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `gre_tunnel_id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class GRETunnelUpdateResponse: …` - `modified: Optional[bool]` - `modified_gre_tunnel: Optional[ModifiedGRETunnel]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedGRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedGRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[ModifiedGRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedGRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) gre_tunnel = client.magic_transit.gre_tunnels.update( gre_tunnel_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", cloudflare_gre_endpoint="203.0.113.1", customer_gre_endpoint="203.0.113.1", interface_address="192.0.2.0/31", name="GRE_1", ) print(gre_tunnel.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_gre_tunnel": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_gre_endpoint": "203.0.113.1", "customer_gre_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "GRE_1", "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "ttl": 0 } }, "success": true } ``` ## Delete GRE Tunnel `magic_transit.gre_tunnels.delete(strgre_tunnel_id, GRETunnelDeleteParams**kwargs) -> GRETunnelDeleteResponse` **delete** `/accounts/{account_id}/magic/gre_tunnels/{gre_tunnel_id}` Disables and removes a specific static GRE tunnel. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `gre_tunnel_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class GRETunnelDeleteResponse: …` - `deleted: Optional[bool]` - `deleted_gre_tunnel: Optional[DeletedGRETunnel]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[DeletedGRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[DeletedGRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[DeletedGRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[DeletedGRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class DeletedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) gre_tunnel = client.magic_transit.gre_tunnels.delete( gre_tunnel_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(gre_tunnel.deleted) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "deleted": true, "deleted_gre_tunnel": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_gre_endpoint": "203.0.113.1", "customer_gre_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "GRE_1", "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "ttl": 0 } }, "success": true } ``` ## Update multiple GRE tunnels `magic_transit.gre_tunnels.bulk_update(GRETunnelBulkUpdateParams**kwargs) -> GRETunnelBulkUpdateResponse` **put** `/accounts/{account_id}/magic/gre_tunnels` Updates multiple GRE tunnels. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `body: object` - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class GRETunnelBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_gre_tunnels: Optional[List[ModifiedGRETunnel]]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedGRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedGRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[ModifiedGRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedGRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.gre_tunnels.bulk_update( account_id="023e105f4ecef8ad9ca31a8372d0c353", body={}, ) print(response.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_gre_tunnels": [ { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_gre_endpoint": "203.0.113.1", "customer_gre_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "GRE_1", "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "mtu": 0, "ttl": 0 } ] }, "success": true } ``` ## Domain Types ### GRE Tunnel List Response - `class GRETunnelListResponse: …` - `gre_tunnels: Optional[List[GRETunnel]]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[GRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[GRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[GRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[GRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class GRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### GRE Tunnel Get Response - `class GRETunnelGetResponse: …` - `gre_tunnel: Optional[GRETunnel]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[GRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[GRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[GRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[GRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class GRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### GRE Tunnel Create Response - `class GRETunnelCreateResponse: …` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[BGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[BGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### GRE Tunnel Update Response - `class GRETunnelUpdateResponse: …` - `modified: Optional[bool]` - `modified_gre_tunnel: Optional[ModifiedGRETunnel]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedGRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedGRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[ModifiedGRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedGRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### GRE Tunnel Delete Response - `class GRETunnelDeleteResponse: …` - `deleted: Optional[bool]` - `deleted_gre_tunnel: Optional[DeletedGRETunnel]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[DeletedGRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[DeletedGRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[DeletedGRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[DeletedGRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class DeletedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. ### GRE Tunnel Bulk Update Response - `class GRETunnelBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_gre_tunnels: Optional[List[ModifiedGRETunnel]]` - `id: str` Identifier - `cloudflare_gre_endpoint: str` The IP address assigned to the Cloudflare side of the GRE tunnel. - `customer_gre_endpoint: str` The IP address assigned to the customer side of the GRE tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedGRETunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedGRETunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `description: Optional[str]` An optional description of the GRE tunnel. - `health_check: Optional[ModifiedGRETunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedGRETunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `mtu: Optional[int]` Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576. - `ttl: Optional[int]` Time To Live (TTL) in number of hops of the GRE tunnel. # IPSEC Tunnels ## List IPsec tunnels `magic_transit.ipsec_tunnels.list(IPSECTunnelListParams**kwargs) -> IPSECTunnelListResponse` **get** `/accounts/{account_id}/magic/ipsec_tunnels` Lists IPsec tunnels associated with an account. ### Parameters - `account_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class IPSECTunnelListResponse: …` - `ipsec_tunnels: Optional[List[IPSECTunnel]]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[IPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[IPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[IPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[IPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[IPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class IPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) ipsec_tunnels = client.magic_transit.ipsec_tunnels.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(ipsec_tunnels.ipsec_tunnels) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "ipsec_tunnels": [ { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "IPsec_1", "allow_null_cipher": true, "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "custom_remote_identities": { "fqdn_id": "fqdn_id" }, "customer_endpoint": "203.0.113.1", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "psk_metadata": { "last_generated_on": "2017-06-14T05:20:00Z" }, "replay_protection": false } ] }, "success": true } ``` ## List IPsec tunnel details `magic_transit.ipsec_tunnels.get(stripsec_tunnel_id, IPSECTunnelGetParams**kwargs) -> IPSECTunnelGetResponse` **get** `/accounts/{account_id}/magic/ipsec_tunnels/{ipsec_tunnel_id}` Lists details for a specific IPsec tunnel. ### Parameters - `account_id: str` Identifier - `ipsec_tunnel_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class IPSECTunnelGetResponse: …` - `ipsec_tunnel: Optional[IPSECTunnel]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[IPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[IPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[IPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[IPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[IPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class IPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) ipsec_tunnel = client.magic_transit.ipsec_tunnels.get( ipsec_tunnel_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(ipsec_tunnel.ipsec_tunnel) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "ipsec_tunnel": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "IPsec_1", "allow_null_cipher": true, "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "custom_remote_identities": { "fqdn_id": "fqdn_id" }, "customer_endpoint": "203.0.113.1", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "psk_metadata": { "last_generated_on": "2017-06-14T05:20:00Z" }, "replay_protection": false } }, "success": true } ``` ## Create an IPsec tunnel `magic_transit.ipsec_tunnels.create(IPSECTunnelCreateParams**kwargs) -> IPSECTunnelCreateResponse` **post** `/accounts/{account_id}/magic/ipsec_tunnels` Creates a new IPsec tunnel associated with an account. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[BGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[SequenceNotStr[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `custom_remote_identities: Optional[CustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `psk: Optional[str]` A randomly generated or provided string for use in the IPsec tunnel. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class IPSECTunnelCreateResponse: …` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[BGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[BGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[CustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) ipsec_tunnel = client.magic_transit.ipsec_tunnels.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", cloudflare_endpoint="203.0.113.1", interface_address="192.0.2.0/31", name="IPsec_1", ) print(ipsec_tunnel.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "IPsec_1", "allow_null_cipher": true, "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "custom_remote_identities": { "fqdn_id": "fqdn_id" }, "customer_endpoint": "203.0.113.1", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "psk_metadata": { "last_generated_on": "2017-06-14T05:20:00Z" }, "replay_protection": false }, "success": true } ``` ## Update IPsec Tunnel `magic_transit.ipsec_tunnels.update(stripsec_tunnel_id, IPSECTunnelUpdateParams**kwargs) -> IPSECTunnelUpdateResponse` **put** `/accounts/{account_id}/magic/ipsec_tunnels/{ipsec_tunnel_id}` Updates a specific IPsec tunnel associated with an account. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `ipsec_tunnel_id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[BGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[SequenceNotStr[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `custom_remote_identities: Optional[CustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `psk: Optional[str]` A randomly generated or provided string for use in the IPsec tunnel. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class IPSECTunnelUpdateResponse: …` - `modified: Optional[bool]` - `modified_ipsec_tunnel: Optional[ModifiedIPSECTunnel]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedIPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedIPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[ModifiedIPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[ModifiedIPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedIPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedIPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) ipsec_tunnel = client.magic_transit.ipsec_tunnels.update( ipsec_tunnel_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", cloudflare_endpoint="203.0.113.1", interface_address="192.0.2.0/31", name="IPsec_1", ) print(ipsec_tunnel.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_ipsec_tunnel": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "IPsec_1", "allow_null_cipher": true, "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "custom_remote_identities": { "fqdn_id": "fqdn_id" }, "customer_endpoint": "203.0.113.1", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "psk_metadata": { "last_generated_on": "2017-06-14T05:20:00Z" }, "replay_protection": false } }, "success": true } ``` ## Delete IPsec Tunnel `magic_transit.ipsec_tunnels.delete(stripsec_tunnel_id, IPSECTunnelDeleteParams**kwargs) -> IPSECTunnelDeleteResponse` **delete** `/accounts/{account_id}/magic/ipsec_tunnels/{ipsec_tunnel_id}` Disables and removes a specific static IPsec Tunnel associated with an account. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `ipsec_tunnel_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class IPSECTunnelDeleteResponse: …` - `deleted: Optional[bool]` - `deleted_ipsec_tunnel: Optional[DeletedIPSECTunnel]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[DeletedIPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[DeletedIPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[DeletedIPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[DeletedIPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[DeletedIPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class DeletedIPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) ipsec_tunnel = client.magic_transit.ipsec_tunnels.delete( ipsec_tunnel_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(ipsec_tunnel.deleted) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "deleted": true, "deleted_ipsec_tunnel": { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "IPsec_1", "allow_null_cipher": true, "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "custom_remote_identities": { "fqdn_id": "fqdn_id" }, "customer_endpoint": "203.0.113.1", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "psk_metadata": { "last_generated_on": "2017-06-14T05:20:00Z" }, "replay_protection": false } }, "success": true } ``` ## Update multiple IPsec tunnels `magic_transit.ipsec_tunnels.bulk_update(IPSECTunnelBulkUpdateParams**kwargs) -> IPSECTunnelBulkUpdateResponse` **put** `/accounts/{account_id}/magic/ipsec_tunnels` Update multiple IPsec tunnels associated with an account. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. ### Parameters - `account_id: str` Identifier - `body: object` - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class IPSECTunnelBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_ipsec_tunnels: Optional[List[ModifiedIPSECTunnel]]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedIPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedIPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[ModifiedIPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[ModifiedIPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedIPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedIPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.ipsec_tunnels.bulk_update( account_id="023e105f4ecef8ad9ca31a8372d0c353", body={}, ) print(response.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_ipsec_tunnels": [ { "id": "c4a7362d577a6c3019a474fd6f485821", "cloudflare_endpoint": "203.0.113.1", "interface_address": "192.0.2.0/31", "name": "IPsec_1", "allow_null_cipher": true, "automatic_return_routing": true, "bgp": { "customer_asn": 0, "extra_prefixes": [ "string" ], "md5_key": "md5_key" }, "bgp_status": { "state": "BGP_DOWN", "tcp_established": true, "updated_at": "2019-12-27T18:11:19.117Z", "bgp_state": "bgp_state", "cf_speaker_ip": "192.168.1.1", "cf_speaker_port": 1, "customer_speaker_ip": "192.168.1.1", "customer_speaker_port": 1 }, "created_on": "2017-06-14T00:00:00Z", "custom_remote_identities": { "fqdn_id": "fqdn_id" }, "customer_endpoint": "203.0.113.1", "description": "Tunnel for ISP X", "health_check": { "direction": "bidirectional", "enabled": true, "rate": "low", "target": { "effective": "203.0.113.1", "saved": "203.0.113.1" }, "type": "request" }, "interface_address6": "2606:54c1:7:0:a9fe:12d2:1:200/127", "modified_on": "2017-06-14T05:20:00Z", "psk_metadata": { "last_generated_on": "2017-06-14T05:20:00Z" }, "replay_protection": false } ] }, "success": true } ``` ## Generate Pre Shared Key (PSK) for IPsec tunnels `magic_transit.ipsec_tunnels.psk_generate(stripsec_tunnel_id, IPSECTunnelPSKGenerateParams**kwargs) -> IPSECTunnelPSKGenerateResponse` **post** `/accounts/{account_id}/magic/ipsec_tunnels/{ipsec_tunnel_id}/psk_generate` Generates a Pre Shared Key for a specific IPsec tunnel used in the IKE session. Use `?validate_only=true` as an optional query parameter to only run validation without persisting changes. After a PSK is generated, the PSK is immediately persisted to Cloudflare's edge and cannot be retrieved later. Note the PSK in a safe place. ### Parameters - `account_id: str` Identifier - `ipsec_tunnel_id: str` Identifier - `body: object` ### Returns - `class IPSECTunnelPSKGenerateResponse: …` - `ipsec_tunnel_id: Optional[str]` Identifier - `psk: Optional[str]` A randomly generated or provided string for use in the IPsec tunnel. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.ipsec_tunnels.psk_generate( ipsec_tunnel_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", body={}, ) print(response.ipsec_tunnel_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "ipsec_tunnel_id": "023e105f4ecef8ad9ca31a8372d0c353", "psk": "O3bwKSjnaoCxDoUxjcq4Rk8ZKkezQUiy", "psk_metadata": { "last_generated_on": "2017-06-14T05:20:00Z" } }, "success": true } ``` ## Domain Types ### PSK Metadata - `class PSKMetadata: …` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. ### IPSEC Tunnel List Response - `class IPSECTunnelListResponse: …` - `ipsec_tunnels: Optional[List[IPSECTunnel]]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[IPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[IPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[IPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[IPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[IPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class IPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### IPSEC Tunnel Get Response - `class IPSECTunnelGetResponse: …` - `ipsec_tunnel: Optional[IPSECTunnel]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[IPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[IPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[IPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[IPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[IPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class IPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### IPSEC Tunnel Create Response - `class IPSECTunnelCreateResponse: …` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[BGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[BGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[CustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[HealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[HealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class HealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### IPSEC Tunnel Update Response - `class IPSECTunnelUpdateResponse: …` - `modified: Optional[bool]` - `modified_ipsec_tunnel: Optional[ModifiedIPSECTunnel]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedIPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedIPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[ModifiedIPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[ModifiedIPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedIPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedIPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### IPSEC Tunnel Delete Response - `class IPSECTunnelDeleteResponse: …` - `deleted: Optional[bool]` - `deleted_ipsec_tunnel: Optional[DeletedIPSECTunnel]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[DeletedIPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[DeletedIPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[DeletedIPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[DeletedIPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[DeletedIPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class DeletedIPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### IPSEC Tunnel Bulk Update Response - `class IPSECTunnelBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_ipsec_tunnels: Optional[List[ModifiedIPSECTunnel]]` - `id: str` Identifier - `cloudflare_endpoint: str` The IP address assigned to the Cloudflare side of the IPsec tunnel. - `interface_address: str` A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255. - `name: str` The name of the IPsec tunnel. The name cannot share a name with other tunnels. - `allow_null_cipher: Optional[bool]` When `true`, the tunnel can use a null-cipher (`ENCR_NULL`) in the ESP tunnel (Phase 2). - `automatic_return_routing: Optional[bool]` True if automatic stateful return routing should be enabled for a tunnel, false otherwise. - `bgp: Optional[ModifiedIPSECTunnelBGP]` - `customer_asn: int` ASN used on the customer end of the BGP session - `extra_prefixes: Optional[List[str]]` Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table. - `md5_key: Optional[str]` MD5 key to use for session authentication. Note that *this is not a security measure*. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is *only* supported for preventing misconfiguration, not for defending against malicious attacks. The MD5 key, if set, must be of non-zero length and consist only of the following types of character: * ASCII alphanumerics: `[a-zA-Z0-9]` * Special characters in the set `'!@#$%^&*()+[]{}<>/.,;:_-~`= |` In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark (`"`), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (`?`). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected. - `bgp_status: Optional[ModifiedIPSECTunnelBGPStatus]` - `state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]` - `"BGP_DOWN"` - `"BGP_UP"` - `"BGP_ESTABLISHING"` - `tcp_established: bool` - `updated_at: datetime` - `bgp_state: Optional[str]` - `cf_speaker_ip: Optional[str]` - `cf_speaker_port: Optional[int]` - `customer_speaker_ip: Optional[str]` - `customer_speaker_port: Optional[int]` - `created_on: Optional[datetime]` The date and time the tunnel was created. - `custom_remote_identities: Optional[ModifiedIPSECTunnelCustomRemoteIdentities]` - `fqdn_id: Optional[str]` A custom IKE ID of type FQDN that may be used to identity the IPsec tunnel. The generated IKE IDs can still be used even if this custom value is specified. Must be of the form `..custom.ipsec.cloudflare.com`. This custom ID does not need to be unique. Two IPsec tunnels may have the same custom fqdn_id. However, if another IPsec tunnel has the same value then the two tunnels cannot have the same cloudflare_endpoint. - `customer_endpoint: Optional[str]` The IP address assigned to the customer side of the IPsec tunnel. Not required, but must be set for proactive traceroutes to work. - `description: Optional[str]` An optional description forthe IPsec tunnel. - `health_check: Optional[ModifiedIPSECTunnelHealthCheck]` - `direction: Optional[Literal["unidirectional", "bidirectional"]]` The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel. - `"unidirectional"` - `"bidirectional"` - `enabled: Optional[bool]` Determines whether to run healthchecks for a tunnel. - `rate: Optional[HealthCheckRate]` How frequent the health check is run. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `target: Optional[ModifiedIPSECTunnelHealthCheckTarget]` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false. - `class ModifiedIPSECTunnelHealthCheckTargetMagicHealthCheckTarget: …` The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to `customer_gre_endpoint address`. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. - `effective: Optional[str]` The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests. - `saved: Optional[str]` The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used. - `str` - `type: Optional[HealthCheckType]` The type of healthcheck to run, reply or request. The default value is `reply`. - `"reply"` - `"request"` - `interface_address6: Optional[str]` A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127 - `modified_on: Optional[datetime]` The date and time the tunnel was last modified. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. - `replay_protection: Optional[bool]` If `true`, then IPsec replay protection will be supported in the Cloudflare-to-customer direction. ### IPSEC Tunnel PSK Generate Response - `class IPSECTunnelPSKGenerateResponse: …` - `ipsec_tunnel_id: Optional[str]` Identifier - `psk: Optional[str]` A randomly generated or provided string for use in the IPsec tunnel. - `psk_metadata: Optional[PSKMetadata]` The PSK metadata that includes when the PSK was generated. - `last_generated_on: Optional[datetime]` The date and time the tunnel was last modified. # Routes ## List Routes `magic_transit.routes.list(RouteListParams**kwargs) -> RouteListResponse` **get** `/accounts/{account_id}/magic/routes` List all Magic static routes. ### Parameters - `account_id: str` Identifier ### Returns - `class RouteListResponse: …` - `routes: Optional[List[Route]]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) routes = client.magic_transit.routes.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(routes.routes) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "routes": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, "created_on": "2017-06-14T00:00:00Z", "description": "New route for new prefix 203.0.113.1", "modified_on": "2017-06-14T05:20:00Z", "scope": { "colo_names": [ "den01" ], "colo_regions": [ "APAC" ] }, "weight": 0 } ] }, "success": true } ``` ## Route Details `magic_transit.routes.get(strroute_id, RouteGetParams**kwargs) -> RouteGetResponse` **get** `/accounts/{account_id}/magic/routes/{route_id}` Get a specific Magic static route. ### Parameters - `account_id: str` Identifier - `route_id: str` Identifier ### Returns - `class RouteGetResponse: …` - `route: Optional[Route]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) route = client.magic_transit.routes.get( route_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(route.route) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "route": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, "created_on": "2017-06-14T00:00:00Z", "description": "New route for new prefix 203.0.113.1", "modified_on": "2017-06-14T05:20:00Z", "scope": { "colo_names": [ "den01" ], "colo_regions": [ "APAC" ] }, "weight": 0 } }, "success": true } ``` ## Create a Route `magic_transit.routes.create(RouteCreateParams**kwargs) -> RouteCreateResponse` **post** `/accounts/{account_id}/magic/routes` Creates a new Magic static route. Use `?validate_only=true` as an optional query parameter to run validation only without persisting changes. ### Parameters - `account_id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `description: Optional[str]` An optional human provided description of the static route. - `scope: Optional[ScopeParam]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Returns - `class RouteCreateResponse: …` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) route = client.magic_transit.routes.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", nexthop="203.0.113.1", prefix="192.0.2.0/24", priority=0, ) print(route.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, "created_on": "2017-06-14T00:00:00Z", "description": "New route for new prefix 203.0.113.1", "modified_on": "2017-06-14T05:20:00Z", "scope": { "colo_names": [ "den01" ], "colo_regions": [ "APAC" ] }, "weight": 0 }, "success": true } ``` ## Update Route `magic_transit.routes.update(strroute_id, RouteUpdateParams**kwargs) -> RouteUpdateResponse` **put** `/accounts/{account_id}/magic/routes/{route_id}` Update a specific Magic static route. Use `?validate_only=true` as an optional query parameter to run validation only without persisting changes. ### Parameters - `account_id: str` Identifier - `route_id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `description: Optional[str]` An optional human provided description of the static route. - `scope: Optional[ScopeParam]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Returns - `class RouteUpdateResponse: …` - `modified: Optional[bool]` - `modified_route: Optional[ModifiedRoute]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) route = client.magic_transit.routes.update( route_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", nexthop="203.0.113.1", prefix="192.0.2.0/24", priority=0, ) print(route.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_route": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, "created_on": "2017-06-14T00:00:00Z", "description": "New route for new prefix 203.0.113.1", "modified_on": "2017-06-14T05:20:00Z", "scope": { "colo_names": [ "den01" ], "colo_regions": [ "APAC" ] }, "weight": 0 } }, "success": true } ``` ## Delete Route `magic_transit.routes.delete(strroute_id, RouteDeleteParams**kwargs) -> RouteDeleteResponse` **delete** `/accounts/{account_id}/magic/routes/{route_id}` Disable and remove a specific Magic static route. ### Parameters - `account_id: str` Identifier - `route_id: str` Identifier ### Returns - `class RouteDeleteResponse: …` - `deleted: Optional[bool]` - `deleted_route: Optional[DeletedRoute]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) route = client.magic_transit.routes.delete( route_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(route.deleted) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "deleted": true, "deleted_route": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, "created_on": "2017-06-14T00:00:00Z", "description": "New route for new prefix 203.0.113.1", "modified_on": "2017-06-14T05:20:00Z", "scope": { "colo_names": [ "den01" ], "colo_regions": [ "APAC" ] }, "weight": 0 } }, "success": true } ``` ## Update Many Routes `magic_transit.routes.bulk_update(RouteBulkUpdateParams**kwargs) -> RouteBulkUpdateResponse` **put** `/accounts/{account_id}/magic/routes` Update multiple Magic static routes. Use `?validate_only=true` as an optional query parameter to run validation only without persisting changes. Only fields for a route that need to be changed need be provided. ### Parameters - `account_id: str` Identifier - `routes: Iterable[Route]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `description: Optional[str]` An optional human provided description of the static route. - `scope: Optional[ScopeParam]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Returns - `class RouteBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_routes: Optional[List[ModifiedRoute]]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.routes.bulk_update( account_id="023e105f4ecef8ad9ca31a8372d0c353", routes=[{ "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, }], ) print(response.modified) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "modified": true, "modified_routes": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, "created_on": "2017-06-14T00:00:00Z", "description": "New route for new prefix 203.0.113.1", "modified_on": "2017-06-14T05:20:00Z", "scope": { "colo_names": [ "den01" ], "colo_regions": [ "APAC" ] }, "weight": 0 } ] }, "success": true } ``` ## Delete Many Routes `magic_transit.routes.empty(RouteEmptyParams**kwargs) -> RouteEmptyResponse` **delete** `/accounts/{account_id}/magic/routes` Delete multiple Magic static routes. ### Parameters - `account_id: str` Identifier ### Returns - `class RouteEmptyResponse: …` - `deleted: Optional[bool]` - `deleted_routes: Optional[List[DeletedRoute]]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.routes.empty( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(response.deleted) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "deleted": true, "deleted_routes": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "nexthop": "203.0.113.1", "prefix": "192.0.2.0/24", "priority": 0, "created_on": "2017-06-14T00:00:00Z", "description": "New route for new prefix 203.0.113.1", "modified_on": "2017-06-14T05:20:00Z", "scope": { "colo_names": [ "den01" ], "colo_regions": [ "APAC" ] }, "weight": 0 } ] }, "success": true } ``` ## Domain Types ### Scope - `class Scope: …` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. ### Route List Response - `class RouteListResponse: …` - `routes: Optional[List[Route]]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Route Get Response - `class RouteGetResponse: …` - `route: Optional[Route]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Route Create Response - `class RouteCreateResponse: …` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Route Update Response - `class RouteUpdateResponse: …` - `modified: Optional[bool]` - `modified_route: Optional[ModifiedRoute]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Route Delete Response - `class RouteDeleteResponse: …` - `deleted: Optional[bool]` - `deleted_route: Optional[DeletedRoute]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Route Bulk Update Response - `class RouteBulkUpdateResponse: …` - `modified: Optional[bool]` - `modified_routes: Optional[List[ModifiedRoute]]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. ### Route Empty Response - `class RouteEmptyResponse: …` - `deleted: Optional[bool]` - `deleted_routes: Optional[List[DeletedRoute]]` - `id: str` Identifier - `nexthop: str` The next-hop IP Address for the static route. - `prefix: str` IP Prefix in Classless Inter-Domain Routing format. - `priority: int` Priority of the static route. - `created_on: Optional[datetime]` When the route was created. - `description: Optional[str]` An optional human provided description of the static route. - `modified_on: Optional[datetime]` When the route was last modified. - `scope: Optional[Scope]` Used only for ECMP routes. - `colo_names: Optional[List[str]]` List of colo names for the ECMP scope. - `colo_regions: Optional[List[str]]` List of colo regions for the ECMP scope. - `weight: Optional[int]` Optional weight of the ECMP scope - if provided. # Sites ## List Sites `magic_transit.sites.list(SiteListParams**kwargs) -> SyncSinglePage[Site]` **get** `/accounts/{account_id}/magic/sites` Lists Sites associated with an account. Use connectorid query param to return sites where connectorid matches either site.ConnectorID or site.SecondaryConnectorID. ### Parameters - `account_id: str` Identifier - `connectorid: Optional[str]` Identifier ### Returns - `class Site: …` - `id: Optional[str]` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocation]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.sites.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "connector_id": "ac60d3d0435248289d446cedd870bcf4", "description": "description", "ha_mode": true, "location": { "lat": "37.6192", "lon": "122.3816" }, "name": "site_1", "secondary_connector_id": "8d67040d3835dbcf46ce29da440dc482" } ], "success": true } ``` ## Site Details `magic_transit.sites.get(strsite_id, SiteGetParams**kwargs) -> Site` **get** `/accounts/{account_id}/magic/sites/{site_id}` Get a specific Site. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `x_magic_new_hc_target: Optional[bool]` ### Returns - `class Site: …` - `id: Optional[str]` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocation]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) site = client.magic_transit.sites.get( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(site.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "connector_id": "ac60d3d0435248289d446cedd870bcf4", "description": "description", "ha_mode": true, "location": { "lat": "37.6192", "lon": "122.3816" }, "name": "site_1", "secondary_connector_id": "8d67040d3835dbcf46ce29da440dc482" }, "success": true } ``` ## Create a new Site `magic_transit.sites.create(SiteCreateParams**kwargs) -> Site` **post** `/accounts/{account_id}/magic/sites` Creates a new Site ### Parameters - `account_id: str` Identifier - `name: str` The name of the site. - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocationParam]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Returns - `class Site: …` - `id: Optional[str]` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocation]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) site = client.magic_transit.sites.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", name="site_1", ) print(site.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "connector_id": "ac60d3d0435248289d446cedd870bcf4", "description": "description", "ha_mode": true, "location": { "lat": "37.6192", "lon": "122.3816" }, "name": "site_1", "secondary_connector_id": "8d67040d3835dbcf46ce29da440dc482" }, "success": true } ``` ## Update Site `magic_transit.sites.update(strsite_id, SiteUpdateParams**kwargs) -> Site` **put** `/accounts/{account_id}/magic/sites/{site_id}` Update a specific Site. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `location: Optional[SiteLocationParam]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Returns - `class Site: …` - `id: Optional[str]` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocation]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) site = client.magic_transit.sites.update( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(site.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "connector_id": "ac60d3d0435248289d446cedd870bcf4", "description": "description", "ha_mode": true, "location": { "lat": "37.6192", "lon": "122.3816" }, "name": "site_1", "secondary_connector_id": "8d67040d3835dbcf46ce29da440dc482" }, "success": true } ``` ## Patch Site `magic_transit.sites.edit(strsite_id, SiteEditParams**kwargs) -> Site` **patch** `/accounts/{account_id}/magic/sites/{site_id}` Patch a specific Site. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `location: Optional[SiteLocationParam]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Returns - `class Site: …` - `id: Optional[str]` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocation]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) site = client.magic_transit.sites.edit( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(site.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "connector_id": "ac60d3d0435248289d446cedd870bcf4", "description": "description", "ha_mode": true, "location": { "lat": "37.6192", "lon": "122.3816" }, "name": "site_1", "secondary_connector_id": "8d67040d3835dbcf46ce29da440dc482" }, "success": true } ``` ## Delete Site `magic_transit.sites.delete(strsite_id, SiteDeleteParams**kwargs) -> Site` **delete** `/accounts/{account_id}/magic/sites/{site_id}` Remove a specific Site. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier ### Returns - `class Site: …` - `id: Optional[str]` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocation]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) site = client.magic_transit.sites.delete( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(site.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "connector_id": "ac60d3d0435248289d446cedd870bcf4", "description": "description", "ha_mode": true, "location": { "lat": "37.6192", "lon": "122.3816" }, "name": "site_1", "secondary_connector_id": "8d67040d3835dbcf46ce29da440dc482" }, "success": true } ``` ## Domain Types ### Site - `class Site: …` - `id: Optional[str]` Identifier - `connector_id: Optional[str]` Magic Connector identifier tag. - `description: Optional[str]` - `ha_mode: Optional[bool]` Site high availability mode. If set to true, the site can have two connectors and runs in high availability mode. - `location: Optional[SiteLocation]` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude - `name: Optional[str]` The name of the site. - `secondary_connector_id: Optional[str]` Magic Connector identifier tag. Used when high availability mode is on. ### Site Location - `class SiteLocation: …` Location of site in latitude and longitude. - `lat: Optional[str]` Latitude - `lon: Optional[str]` Longitude # App Configuration # ACLs ## List Site ACLs `magic_transit.sites.acls.list(strsite_id, ACLListParams**kwargs) -> SyncSinglePage[ACL]` **get** `/accounts/{account_id}/magic/sites/{site_id}/acls` Lists Site ACLs associated with an account. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier ### Returns - `class ACL: …` Bidirectional ACL policy for network traffic within a site. - `id: Optional[str]` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfiguration]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfiguration]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.sites.acls.list( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "description": "Allows local traffic between PIN pads and cash register.", "forward_locally": true, "lan_1": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "lan_2": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "name": "PIN Pad - Cash Register", "protocols": [ "tcp" ], "unidirectional": true } ], "success": true } ``` ## Site ACL Details `magic_transit.sites.acls.get(stracl_id, ACLGetParams**kwargs) -> ACL` **get** `/accounts/{account_id}/magic/sites/{site_id}/acls/{acl_id}` Get a specific Site ACL. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `acl_id: str` Identifier ### Returns - `class ACL: …` Bidirectional ACL policy for network traffic within a site. - `id: Optional[str]` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfiguration]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfiguration]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) acl = client.magic_transit.sites.acls.get( acl_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(acl.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "description": "Allows local traffic between PIN pads and cash register.", "forward_locally": true, "lan_1": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "lan_2": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "name": "PIN Pad - Cash Register", "protocols": [ "tcp" ], "unidirectional": true }, "success": true } ``` ## Create a new Site ACL `magic_transit.sites.acls.create(strsite_id, ACLCreateParams**kwargs) -> ACL` **post** `/accounts/{account_id}/magic/sites/{site_id}/acls` Creates a new Site ACL. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `lan_1: ACLConfigurationParam` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: ACLConfigurationParam` - `name: str` The name of the ACL. - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Returns - `class ACL: …` Bidirectional ACL policy for network traffic within a site. - `id: Optional[str]` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfiguration]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfiguration]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) acl = client.magic_transit.sites.acls.create( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", lan_1={ "lan_id": "lan_id" }, lan_2={ "lan_id": "lan_id" }, name="PIN Pad - Cash Register", ) print(acl.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "description": "Allows local traffic between PIN pads and cash register.", "forward_locally": true, "lan_1": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "lan_2": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "name": "PIN Pad - Cash Register", "protocols": [ "tcp" ], "unidirectional": true }, "success": true } ``` ## Update Site ACL `magic_transit.sites.acls.update(stracl_id, ACLUpdateParams**kwargs) -> ACL` **put** `/accounts/{account_id}/magic/sites/{site_id}/acls/{acl_id}` Update a specific Site ACL. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `acl_id: str` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfigurationParam]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfigurationParam]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Returns - `class ACL: …` Bidirectional ACL policy for network traffic within a site. - `id: Optional[str]` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfiguration]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfiguration]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) acl = client.magic_transit.sites.acls.update( acl_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(acl.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "description": "Allows local traffic between PIN pads and cash register.", "forward_locally": true, "lan_1": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "lan_2": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "name": "PIN Pad - Cash Register", "protocols": [ "tcp" ], "unidirectional": true }, "success": true } ``` ## Patch Site ACL `magic_transit.sites.acls.edit(stracl_id, ACLEditParams**kwargs) -> ACL` **patch** `/accounts/{account_id}/magic/sites/{site_id}/acls/{acl_id}` Patch a specific Site ACL. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `acl_id: str` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfigurationParam]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfigurationParam]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Returns - `class ACL: …` Bidirectional ACL policy for network traffic within a site. - `id: Optional[str]` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfiguration]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfiguration]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) acl = client.magic_transit.sites.acls.edit( acl_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(acl.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "description": "Allows local traffic between PIN pads and cash register.", "forward_locally": true, "lan_1": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "lan_2": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "name": "PIN Pad - Cash Register", "protocols": [ "tcp" ], "unidirectional": true }, "success": true } ``` ## Delete Site ACL `magic_transit.sites.acls.delete(stracl_id, ACLDeleteParams**kwargs) -> ACL` **delete** `/accounts/{account_id}/magic/sites/{site_id}/acls/{acl_id}` Remove a specific Site ACL. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `acl_id: str` Identifier ### Returns - `class ACL: …` Bidirectional ACL policy for network traffic within a site. - `id: Optional[str]` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfiguration]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfiguration]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) acl = client.magic_transit.sites.acls.delete( acl_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(acl.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "description": "Allows local traffic between PIN pads and cash register.", "forward_locally": true, "lan_1": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "lan_2": { "lan_id": "lan_id", "lan_name": "lan_name", "port_ranges": [ "8080-9000" ], "ports": [ 1 ], "subnets": [ "192.0.2.1" ] }, "name": "PIN Pad - Cash Register", "protocols": [ "tcp" ], "unidirectional": true }, "success": true } ``` ## Domain Types ### ACL - `class ACL: …` Bidirectional ACL policy for network traffic within a site. - `id: Optional[str]` Identifier - `description: Optional[str]` Description for the ACL. - `forward_locally: Optional[bool]` The desired forwarding action for this ACL policy. If set to "false", the policy will forward traffic to Cloudflare. If set to "true", the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false. - `lan_1: Optional[ACLConfiguration]` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. - `lan_2: Optional[ACLConfiguration]` - `name: Optional[str]` The name of the ACL. - `protocols: Optional[List[AllowedProtocol]]` - `"tcp"` - `"udp"` - `"icmp"` - `unidirectional: Optional[bool]` The desired traffic direction for this ACL policy. If set to "false", the policy will allow bidirectional traffic. If set to "true", the policy will only allow traffic in one direction. If not included in request, will default to false. ### ACL Configuration - `class ACLConfiguration: …` - `lan_id: str` The identifier for the LAN you want to create an ACL policy with. - `lan_name: Optional[str]` The name of the LAN based on the provided lan_id. - `port_ranges: Optional[List[str]]` Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed. - `ports: Optional[List[int]]` Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed. - `subnets: Optional[List[Subnet]]` Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed. ### Allowed Protocol - `Literal["tcp", "udp", "icmp"]` Array of allowed communication protocols between configured LANs. If no protocols are provided, all protocols are allowed. - `"tcp"` - `"udp"` - `"icmp"` ### Subnet - `str` A valid IPv4 address. # LANs ## List Site LANs `magic_transit.sites.lans.list(strsite_id, LANListParams**kwargs) -> SyncSinglePage[LAN]` **get** `/accounts/{account_id}/magic/sites/{site_id}/lans` Lists Site LANs associated with an account. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier ### Returns - `class LAN: …` - `id: Optional[str]` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[List[RoutedSubnet]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `site_id: Optional[str]` Identifier - `static_addressing: Optional[LANStaticAddressing]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.sites.lans.list( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "bond_id": 2, "ha_link": true, "is_breakout": true, "is_prioritized": true, "name": "name", "nat": { "static_prefix": "192.0.2.0/24" }, "physport": 1, "routed_subnets": [ { "next_hop": "192.0.2.1", "prefix": "192.0.2.0/24", "nat": { "static_prefix": "192.0.2.0/24" } } ], "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "dhcp_relay": { "server_addresses": [ "192.0.2.1" ] }, "dhcp_server": { "dhcp_pool_end": "192.0.2.1", "dhcp_pool_start": "192.0.2.1", "dns_server": "192.0.2.1", "dns_servers": [ "192.0.2.1" ], "reservations": { "00:11:22:33:44:55": "192.0.2.100", "AA:BB:CC:DD:EE:FF": "192.168.1.101" } }, "secondary_address": "192.0.2.0/24", "virtual_address": "192.0.2.0/24" }, "vlan_tag": 42 } ], "success": true } ``` ## Site LAN Details `magic_transit.sites.lans.get(strlan_id, LANGetParams**kwargs) -> LAN` **get** `/accounts/{account_id}/magic/sites/{site_id}/lans/{lan_id}` Get a specific Site LAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `lan_id: str` Identifier ### Returns - `class LAN: …` - `id: Optional[str]` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[List[RoutedSubnet]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `site_id: Optional[str]` Identifier - `static_addressing: Optional[LANStaticAddressing]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) lan = client.magic_transit.sites.lans.get( lan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(lan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "bond_id": 2, "ha_link": true, "is_breakout": true, "is_prioritized": true, "name": "name", "nat": { "static_prefix": "192.0.2.0/24" }, "physport": 1, "routed_subnets": [ { "next_hop": "192.0.2.1", "prefix": "192.0.2.0/24", "nat": { "static_prefix": "192.0.2.0/24" } } ], "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "dhcp_relay": { "server_addresses": [ "192.0.2.1" ] }, "dhcp_server": { "dhcp_pool_end": "192.0.2.1", "dhcp_pool_start": "192.0.2.1", "dns_server": "192.0.2.1", "dns_servers": [ "192.0.2.1" ], "reservations": { "00:11:22:33:44:55": "192.0.2.100", "AA:BB:CC:DD:EE:FF": "192.168.1.101" } }, "secondary_address": "192.0.2.0/24", "virtual_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Create a new Site LAN `magic_transit.sites.lans.create(strsite_id, LANCreateParams**kwargs) -> SyncSinglePage[LAN]` **post** `/accounts/{account_id}/magic/sites/{site_id}/lans` Creates a new Site LAN. If the site is in high availability mode, static_addressing is required along with secondary and virtual address. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[NatParam]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[Iterable[RoutedSubnetParam]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `static_addressing: Optional[LANStaticAddressingParam]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Returns - `class LAN: …` - `id: Optional[str]` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[List[RoutedSubnet]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `site_id: Optional[str]` Identifier - `static_addressing: Optional[LANStaticAddressing]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.sites.lans.create( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "bond_id": 2, "ha_link": true, "is_breakout": true, "is_prioritized": true, "name": "name", "nat": { "static_prefix": "192.0.2.0/24" }, "physport": 1, "routed_subnets": [ { "next_hop": "192.0.2.1", "prefix": "192.0.2.0/24", "nat": { "static_prefix": "192.0.2.0/24" } } ], "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "dhcp_relay": { "server_addresses": [ "192.0.2.1" ] }, "dhcp_server": { "dhcp_pool_end": "192.0.2.1", "dhcp_pool_start": "192.0.2.1", "dns_server": "192.0.2.1", "dns_servers": [ "192.0.2.1" ], "reservations": { "00:11:22:33:44:55": "192.0.2.100", "AA:BB:CC:DD:EE:FF": "192.168.1.101" } }, "secondary_address": "192.0.2.0/24", "virtual_address": "192.0.2.0/24" }, "vlan_tag": 42 } ], "success": true } ``` ## Update Site LAN `magic_transit.sites.lans.update(strlan_id, LANUpdateParams**kwargs) -> LAN` **put** `/accounts/{account_id}/magic/sites/{site_id}/lans/{lan_id}` Update a specific Site LAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `lan_id: str` Identifier - `bond_id: Optional[int]` - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[NatParam]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[Iterable[RoutedSubnetParam]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `static_addressing: Optional[LANStaticAddressingParam]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Returns - `class LAN: …` - `id: Optional[str]` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[List[RoutedSubnet]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `site_id: Optional[str]` Identifier - `static_addressing: Optional[LANStaticAddressing]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) lan = client.magic_transit.sites.lans.update( lan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(lan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "bond_id": 2, "ha_link": true, "is_breakout": true, "is_prioritized": true, "name": "name", "nat": { "static_prefix": "192.0.2.0/24" }, "physport": 1, "routed_subnets": [ { "next_hop": "192.0.2.1", "prefix": "192.0.2.0/24", "nat": { "static_prefix": "192.0.2.0/24" } } ], "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "dhcp_relay": { "server_addresses": [ "192.0.2.1" ] }, "dhcp_server": { "dhcp_pool_end": "192.0.2.1", "dhcp_pool_start": "192.0.2.1", "dns_server": "192.0.2.1", "dns_servers": [ "192.0.2.1" ], "reservations": { "00:11:22:33:44:55": "192.0.2.100", "AA:BB:CC:DD:EE:FF": "192.168.1.101" } }, "secondary_address": "192.0.2.0/24", "virtual_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Patch Site LAN `magic_transit.sites.lans.edit(strlan_id, LANEditParams**kwargs) -> LAN` **patch** `/accounts/{account_id}/magic/sites/{site_id}/lans/{lan_id}` Patch a specific Site LAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `lan_id: str` Identifier - `bond_id: Optional[int]` - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[NatParam]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[Iterable[RoutedSubnetParam]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `static_addressing: Optional[LANStaticAddressingParam]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Returns - `class LAN: …` - `id: Optional[str]` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[List[RoutedSubnet]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `site_id: Optional[str]` Identifier - `static_addressing: Optional[LANStaticAddressing]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) lan = client.magic_transit.sites.lans.edit( lan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(lan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "bond_id": 2, "ha_link": true, "is_breakout": true, "is_prioritized": true, "name": "name", "nat": { "static_prefix": "192.0.2.0/24" }, "physport": 1, "routed_subnets": [ { "next_hop": "192.0.2.1", "prefix": "192.0.2.0/24", "nat": { "static_prefix": "192.0.2.0/24" } } ], "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "dhcp_relay": { "server_addresses": [ "192.0.2.1" ] }, "dhcp_server": { "dhcp_pool_end": "192.0.2.1", "dhcp_pool_start": "192.0.2.1", "dns_server": "192.0.2.1", "dns_servers": [ "192.0.2.1" ], "reservations": { "00:11:22:33:44:55": "192.0.2.100", "AA:BB:CC:DD:EE:FF": "192.168.1.101" } }, "secondary_address": "192.0.2.0/24", "virtual_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Delete Site LAN `magic_transit.sites.lans.delete(strlan_id, LANDeleteParams**kwargs) -> LAN` **delete** `/accounts/{account_id}/magic/sites/{site_id}/lans/{lan_id}` Remove a specific Site LAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `lan_id: str` Identifier ### Returns - `class LAN: …` - `id: Optional[str]` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[List[RoutedSubnet]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `site_id: Optional[str]` Identifier - `static_addressing: Optional[LANStaticAddressing]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) lan = client.magic_transit.sites.lans.delete( lan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(lan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "bond_id": 2, "ha_link": true, "is_breakout": true, "is_prioritized": true, "name": "name", "nat": { "static_prefix": "192.0.2.0/24" }, "physport": 1, "routed_subnets": [ { "next_hop": "192.0.2.1", "prefix": "192.0.2.0/24", "nat": { "static_prefix": "192.0.2.0/24" } } ], "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "dhcp_relay": { "server_addresses": [ "192.0.2.1" ] }, "dhcp_server": { "dhcp_pool_end": "192.0.2.1", "dhcp_pool_start": "192.0.2.1", "dns_server": "192.0.2.1", "dns_servers": [ "192.0.2.1" ], "reservations": { "00:11:22:33:44:55": "192.0.2.100", "AA:BB:CC:DD:EE:FF": "192.168.1.101" } }, "secondary_address": "192.0.2.0/24", "virtual_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Domain Types ### DHCP Relay - `class DHCPRelay: …` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. ### DHCP Server - `class DHCPServer: …` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses ### LAN - `class LAN: …` - `id: Optional[str]` Identifier - `bond_id: Optional[int]` - `ha_link: Optional[bool]` mark true to use this LAN for HA probing. only works for site with HA turned on. only one LAN can be set as the ha_link. - `is_breakout: Optional[bool]` mark true to use this LAN for source-based breakout traffic - `is_prioritized: Optional[bool]` mark true to use this LAN for source-based prioritized traffic - `name: Optional[str]` - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. - `physport: Optional[int]` - `routed_subnets: Optional[List[RoutedSubnet]]` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `site_id: Optional[str]` Identifier - `static_addressing: Optional[LANStaticAddressing]` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### LAN Static Addressing - `class LANStaticAddressing: …` If the site is not configured in high availability mode, this configuration is optional (if omitted, use DHCP). However, if in high availability mode, static_address is required along with secondary and virtual address. - `address: str` A valid CIDR notation representing an IP range. - `dhcp_relay: Optional[DHCPRelay]` - `server_addresses: Optional[List[str]]` List of DHCP server IPs. - `dhcp_server: Optional[DHCPServer]` - `dhcp_pool_end: Optional[str]` A valid IPv4 address. - `dhcp_pool_start: Optional[str]` A valid IPv4 address. - `dns_server: Optional[str]` A valid IPv4 address. - `dns_servers: Optional[List[str]]` - `reservations: Optional[Dict[str, str]]` Mapping of MAC addresses to IP addresses - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `virtual_address: Optional[str]` A valid CIDR notation representing an IP range. ### Nat - `class Nat: …` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. ### Routed Subnet - `class RoutedSubnet: …` - `next_hop: str` A valid IPv4 address. - `prefix: str` A valid CIDR notation representing an IP range. - `nat: Optional[Nat]` - `static_prefix: Optional[str]` A valid CIDR notation representing an IP range. # WANs ## List Site WANs `magic_transit.sites.wans.list(strsite_id, WANListParams**kwargs) -> SyncSinglePage[WAN]` **get** `/accounts/{account_id}/magic/sites/{site_id}/wans` Lists Site WANs associated with an account. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier ### Returns - `class WAN: …` - `id: Optional[str]` Identifier - `health_check_rate: Optional[Literal["low", "mid", "high"]]` Magic WAN health check rate for tunnels created on this link. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` Priority of WAN for traffic loadbalancing. - `site_id: Optional[str]` Identifier - `static_addressing: Optional[WANStaticAddressing]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.sites.wans.list( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "health_check_rate": "low", "name": "name", "physport": 1, "priority": 0, "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "gateway_address": "192.0.2.1", "secondary_address": "192.0.2.0/24" }, "vlan_tag": 42 } ], "success": true } ``` ## Site WAN Details `magic_transit.sites.wans.get(strwan_id, WANGetParams**kwargs) -> WAN` **get** `/accounts/{account_id}/magic/sites/{site_id}/wans/{wan_id}` Get a specific Site WAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `wan_id: str` Identifier ### Returns - `class WAN: …` - `id: Optional[str]` Identifier - `health_check_rate: Optional[Literal["low", "mid", "high"]]` Magic WAN health check rate for tunnels created on this link. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` Priority of WAN for traffic loadbalancing. - `site_id: Optional[str]` Identifier - `static_addressing: Optional[WANStaticAddressing]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) wan = client.magic_transit.sites.wans.get( wan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(wan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "health_check_rate": "low", "name": "name", "physport": 1, "priority": 0, "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "gateway_address": "192.0.2.1", "secondary_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Create a new Site WAN `magic_transit.sites.wans.create(strsite_id, WANCreateParams**kwargs) -> SyncSinglePage[WAN]` **post** `/accounts/{account_id}/magic/sites/{site_id}/wans` Creates a new Site WAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `physport: int` - `name: Optional[str]` - `priority: Optional[int]` - `static_addressing: Optional[WANStaticAddressingParam]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Returns - `class WAN: …` - `id: Optional[str]` Identifier - `health_check_rate: Optional[Literal["low", "mid", "high"]]` Magic WAN health check rate for tunnels created on this link. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` Priority of WAN for traffic loadbalancing. - `site_id: Optional[str]` Identifier - `static_addressing: Optional[WANStaticAddressing]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.sites.wans.create( site_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", physport=1, ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "health_check_rate": "low", "name": "name", "physport": 1, "priority": 0, "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "gateway_address": "192.0.2.1", "secondary_address": "192.0.2.0/24" }, "vlan_tag": 42 } ], "success": true } ``` ## Update Site WAN `magic_transit.sites.wans.update(strwan_id, WANUpdateParams**kwargs) -> WAN` **put** `/accounts/{account_id}/magic/sites/{site_id}/wans/{wan_id}` Update a specific Site WAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `wan_id: str` Identifier - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` - `static_addressing: Optional[WANStaticAddressingParam]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Returns - `class WAN: …` - `id: Optional[str]` Identifier - `health_check_rate: Optional[Literal["low", "mid", "high"]]` Magic WAN health check rate for tunnels created on this link. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` Priority of WAN for traffic loadbalancing. - `site_id: Optional[str]` Identifier - `static_addressing: Optional[WANStaticAddressing]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) wan = client.magic_transit.sites.wans.update( wan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(wan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "health_check_rate": "low", "name": "name", "physport": 1, "priority": 0, "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "gateway_address": "192.0.2.1", "secondary_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Patch Site WAN `magic_transit.sites.wans.edit(strwan_id, WANEditParams**kwargs) -> WAN` **patch** `/accounts/{account_id}/magic/sites/{site_id}/wans/{wan_id}` Patch a specific Site WAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `wan_id: str` Identifier - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` - `static_addressing: Optional[WANStaticAddressingParam]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Returns - `class WAN: …` - `id: Optional[str]` Identifier - `health_check_rate: Optional[Literal["low", "mid", "high"]]` Magic WAN health check rate for tunnels created on this link. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` Priority of WAN for traffic loadbalancing. - `site_id: Optional[str]` Identifier - `static_addressing: Optional[WANStaticAddressing]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) wan = client.magic_transit.sites.wans.edit( wan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(wan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "health_check_rate": "low", "name": "name", "physport": 1, "priority": 0, "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "gateway_address": "192.0.2.1", "secondary_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Delete Site WAN `magic_transit.sites.wans.delete(strwan_id, WANDeleteParams**kwargs) -> WAN` **delete** `/accounts/{account_id}/magic/sites/{site_id}/wans/{wan_id}` Remove a specific Site WAN. ### Parameters - `account_id: str` Identifier - `site_id: str` Identifier - `wan_id: str` Identifier ### Returns - `class WAN: …` - `id: Optional[str]` Identifier - `health_check_rate: Optional[Literal["low", "mid", "high"]]` Magic WAN health check rate for tunnels created on this link. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` Priority of WAN for traffic loadbalancing. - `site_id: Optional[str]` Identifier - `static_addressing: Optional[WANStaticAddressing]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) wan = client.magic_transit.sites.wans.delete( wan_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", site_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(wan.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "health_check_rate": "low", "name": "name", "physport": 1, "priority": 0, "site_id": "023e105f4ecef8ad9ca31a8372d0c353", "static_addressing": { "address": "192.0.2.0/24", "gateway_address": "192.0.2.1", "secondary_address": "192.0.2.0/24" }, "vlan_tag": 42 }, "success": true } ``` ## Domain Types ### WAN - `class WAN: …` - `id: Optional[str]` Identifier - `health_check_rate: Optional[Literal["low", "mid", "high"]]` Magic WAN health check rate for tunnels created on this link. The default value is `mid`. - `"low"` - `"mid"` - `"high"` - `name: Optional[str]` - `physport: Optional[int]` - `priority: Optional[int]` Priority of WAN for traffic loadbalancing. - `site_id: Optional[str]` Identifier - `static_addressing: Optional[WANStaticAddressing]` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. - `vlan_tag: Optional[int]` VLAN ID. Use zero for untagged. ### WAN Static Addressing - `class WANStaticAddressing: …` (optional) if omitted, use DHCP. Submit secondary_address when site is in high availability mode. - `address: str` A valid CIDR notation representing an IP range. - `gateway_address: str` A valid IPv4 address. - `secondary_address: Optional[str]` A valid CIDR notation representing an IP range. # Connectors ## List Connectors `magic_transit.connectors.list(ConnectorListParams**kwargs) -> SyncSinglePage[ConnectorListResponse]` **get** `/accounts/{account_id}/magic/connectors` List Connectors ### Parameters - `account_id: str` Account identifier ### Returns - `class ConnectorListResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.connectors.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ], "result": [ { "id": "id", "activated": true, "interrupt_window_days_of_week": [ "Sunday" ], "interrupt_window_duration_hours": 1, "interrupt_window_embargo_dates": [ "string" ], "interrupt_window_hour_of_day": 0, "last_updated": "last_updated", "notes": "notes", "timezone": "timezone", "device": { "id": "id", "serial_number": "serial_number" }, "last_heartbeat": "last_heartbeat", "last_seen_version": "last_seen_version", "license_key": "license_key" } ], "success": true } ``` ## Fetch Connector `magic_transit.connectors.get(strconnector_id, ConnectorGetParams**kwargs) -> ConnectorGetResponse` **get** `/accounts/{account_id}/magic/connectors/{connector_id}` Fetch Connector ### Parameters - `account_id: str` Account identifier - `connector_id: str` ### Returns - `class ConnectorGetResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) connector = client.magic_transit.connectors.get( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(connector.id) ``` #### Response ```json { "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ], "result": { "id": "id", "activated": true, "interrupt_window_days_of_week": [ "Sunday" ], "interrupt_window_duration_hours": 1, "interrupt_window_embargo_dates": [ "string" ], "interrupt_window_hour_of_day": 0, "last_updated": "last_updated", "notes": "notes", "timezone": "timezone", "device": { "id": "id", "serial_number": "serial_number" }, "last_heartbeat": "last_heartbeat", "last_seen_version": "last_seen_version", "license_key": "license_key" }, "success": true } ``` ## Add a connector to your account `magic_transit.connectors.create(ConnectorCreateParams**kwargs) -> ConnectorCreateResponse` **post** `/accounts/{account_id}/magic/connectors` Add a connector to your account ### Parameters - `account_id: str` Account identifier - `device: Device` Exactly one of id, serial_number, or provision_license must be provided. - `id: Optional[str]` - `provision_license: Optional[bool]` When true, create and provision a new licence key for the connector. - `serial_number: Optional[str]` - `activated: Optional[bool]` - `interrupt_window_days_of_week: Optional[List[Literal["Sunday", "Monday", "Tuesday", 4 more]]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: Optional[float]` - `interrupt_window_embargo_dates: Optional[SequenceNotStr[str]]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: Optional[float]` - `notes: Optional[str]` - `timezone: Optional[str]` ### Returns - `class ConnectorCreateResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) connector = client.magic_transit.connectors.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", device={}, ) print(connector.id) ``` #### Response ```json { "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ], "result": { "id": "id", "activated": true, "interrupt_window_days_of_week": [ "Sunday" ], "interrupt_window_duration_hours": 1, "interrupt_window_embargo_dates": [ "string" ], "interrupt_window_hour_of_day": 0, "last_updated": "last_updated", "notes": "notes", "timezone": "timezone", "device": { "id": "id", "serial_number": "serial_number" }, "last_heartbeat": "last_heartbeat", "last_seen_version": "last_seen_version", "license_key": "license_key" }, "success": true } ``` ## Replace Connector or Re-provision License Key `magic_transit.connectors.update(strconnector_id, ConnectorUpdateParams**kwargs) -> ConnectorUpdateResponse` **put** `/accounts/{account_id}/magic/connectors/{connector_id}` Replace Connector or Re-provision License Key ### Parameters - `account_id: str` Account identifier - `connector_id: str` - `activated: Optional[bool]` - `interrupt_window_days_of_week: Optional[List[Literal["Sunday", "Monday", "Tuesday", 4 more]]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: Optional[float]` - `interrupt_window_embargo_dates: Optional[SequenceNotStr[str]]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: Optional[float]` - `notes: Optional[str]` - `provision_license: Optional[bool]` When true, regenerate license key for the connector. - `timezone: Optional[str]` ### Returns - `class ConnectorUpdateResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) connector = client.magic_transit.connectors.update( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(connector.id) ``` #### Response ```json { "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ], "result": { "id": "id", "activated": true, "interrupt_window_days_of_week": [ "Sunday" ], "interrupt_window_duration_hours": 1, "interrupt_window_embargo_dates": [ "string" ], "interrupt_window_hour_of_day": 0, "last_updated": "last_updated", "notes": "notes", "timezone": "timezone", "device": { "id": "id", "serial_number": "serial_number" }, "last_heartbeat": "last_heartbeat", "last_seen_version": "last_seen_version", "license_key": "license_key" }, "success": true } ``` ## Edit Connector to update specific properties or Re-provision License Key `magic_transit.connectors.edit(strconnector_id, ConnectorEditParams**kwargs) -> ConnectorEditResponse` **patch** `/accounts/{account_id}/magic/connectors/{connector_id}` Edit Connector to update specific properties or Re-provision License Key ### Parameters - `account_id: str` Account identifier - `connector_id: str` - `activated: Optional[bool]` - `interrupt_window_days_of_week: Optional[List[Literal["Sunday", "Monday", "Tuesday", 4 more]]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: Optional[float]` - `interrupt_window_embargo_dates: Optional[SequenceNotStr[str]]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: Optional[float]` - `notes: Optional[str]` - `provision_license: Optional[bool]` When true, regenerate license key for the connector. - `timezone: Optional[str]` ### Returns - `class ConnectorEditResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.magic_transit.connectors.edit( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(response.id) ``` #### Response ```json { "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ], "result": { "id": "id", "activated": true, "interrupt_window_days_of_week": [ "Sunday" ], "interrupt_window_duration_hours": 1, "interrupt_window_embargo_dates": [ "string" ], "interrupt_window_hour_of_day": 0, "last_updated": "last_updated", "notes": "notes", "timezone": "timezone", "device": { "id": "id", "serial_number": "serial_number" }, "last_heartbeat": "last_heartbeat", "last_seen_version": "last_seen_version", "license_key": "license_key" }, "success": true } ``` ## Remove a connector from your account `magic_transit.connectors.delete(strconnector_id, ConnectorDeleteParams**kwargs) -> ConnectorDeleteResponse` **delete** `/accounts/{account_id}/magic/connectors/{connector_id}` Remove a connector from your account ### Parameters - `account_id: str` Account identifier - `connector_id: str` ### Returns - `class ConnectorDeleteResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) connector = client.magic_transit.connectors.delete( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(connector.id) ``` #### Response ```json { "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ], "result": { "id": "id", "activated": true, "interrupt_window_days_of_week": [ "Sunday" ], "interrupt_window_duration_hours": 1, "interrupt_window_embargo_dates": [ "string" ], "interrupt_window_hour_of_day": 0, "last_updated": "last_updated", "notes": "notes", "timezone": "timezone", "device": { "id": "id", "serial_number": "serial_number" }, "last_heartbeat": "last_heartbeat", "last_seen_version": "last_seen_version", "license_key": "license_key" }, "success": true } ``` ## Domain Types ### Connector List Response - `class ConnectorListResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Connector Get Response - `class ConnectorGetResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Connector Create Response - `class ConnectorCreateResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Connector Update Response - `class ConnectorUpdateResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Connector Edit Response - `class ConnectorEditResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` ### Connector Delete Response - `class ConnectorDeleteResponse: …` - `id: str` - `activated: bool` - `interrupt_window_days_of_week: List[Literal["Sunday", "Monday", "Tuesday", 4 more]]` Allowed days of the week for upgrades. Default is all days. - `"Sunday"` - `"Monday"` - `"Tuesday"` - `"Wednesday"` - `"Thursday"` - `"Friday"` - `"Saturday"` - `interrupt_window_duration_hours: float` - `interrupt_window_embargo_dates: List[str]` List of dates (YYYY-MM-DD) when upgrades are blocked. - `interrupt_window_hour_of_day: float` - `last_updated: str` - `notes: str` - `timezone: str` - `device: Optional[Device]` - `id: str` - `serial_number: Optional[str]` - `last_heartbeat: Optional[str]` - `last_seen_version: Optional[str]` - `license_key: Optional[str]` # Events ## List Events `magic_transit.connectors.events.list(strconnector_id, EventListParams**kwargs) -> EventListResponse` **get** `/accounts/{account_id}/magic/connectors/{connector_id}/telemetry/events` List Events ### Parameters - `account_id: str` Account identifier - `connector_id: str` - `from_: float` - `to: float` - `cursor: Optional[str]` - `k: Optional[str]` Filter by event kind - `limit: Optional[float]` ### Returns - `class EventListResponse: …` - `count: float` - `items: List[Item]` - `a: float` Time the Event was collected (seconds since the Unix epoch) - `k: str` Kind - `n: float` Sequence number, used to order events with the same timestamp - `t: float` Time the Event was recorded (seconds since the Unix epoch) - `cursor: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) events = client.magic_transit.connectors.events.list( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", from_=0, to=0, ) print(events.count) ``` #### Response ```json { "result": { "count": 0, "items": [ { "a": 0, "k": "k", "n": 0, "t": 0 } ], "cursor": "cursor" }, "success": true, "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ] } ``` ## Get Event `magic_transit.connectors.events.get(floatevent_n, EventGetParams**kwargs) -> EventGetResponse` **get** `/accounts/{account_id}/magic/connectors/{connector_id}/telemetry/events/{event_t}.{event_n}` Get Event ### Parameters - `account_id: str` Account identifier - `connector_id: str` - `event_t: float` - `event_n: float` ### Returns - `class EventGetResponse: …` Recorded Event - `e: E` - `class EInit: …` - `k: Literal["Init"]` Initialized process - `"Init"` - `class ELeave: …` - `k: Literal["Leave"]` Stopped process - `"Leave"` - `class EStartAttestation: …` - `k: Literal["StartAttestation"]` Started attestation - `"StartAttestation"` - `class EFinishAttestationSuccess: …` - `k: Literal["FinishAttestationSuccess"]` Finished attestation - `"FinishAttestationSuccess"` - `class EFinishAttestationFailure: …` - `k: Literal["FinishAttestationFailure"]` Failed attestation - `"FinishAttestationFailure"` - `class EStartRotateCryptKey: …` - `k: Literal["StartRotateCryptKey"]` Started crypt key rotation - `"StartRotateCryptKey"` - `class EFinishRotateCryptKeySuccess: …` - `k: Literal["FinishRotateCryptKeySuccess"]` Finished crypt key rotation - `"FinishRotateCryptKeySuccess"` - `class EFinishRotateCryptKeyFailure: …` - `k: Literal["FinishRotateCryptKeyFailure"]` Failed crypt key rotation - `"FinishRotateCryptKeyFailure"` - `class EStartRotatePki: …` - `k: Literal["StartRotatePki"]` Started PKI rotation - `"StartRotatePki"` - `class EFinishRotatePkiSuccess: …` - `k: Literal["FinishRotatePkiSuccess"]` Finished PKI rotation - `"FinishRotatePkiSuccess"` - `class EFinishRotatePkiFailure: …` - `k: Literal["FinishRotatePkiFailure"]` Failed PKI rotation - `"FinishRotatePkiFailure"` - `class EStartUpgrade: …` - `k: Literal["StartUpgrade"]` Started upgrade - `"StartUpgrade"` - `url: str` Location of upgrade bundle - `class EFinishUpgradeSuccess: …` - `k: Literal["FinishUpgradeSuccess"]` Finished upgrade - `"FinishUpgradeSuccess"` - `class EFinishUpgradeFailure: …` - `k: Literal["FinishUpgradeFailure"]` Failed upgrade - `"FinishUpgradeFailure"` - `class EReconcile: …` - `k: Literal["Reconcile"]` Reconciled - `"Reconcile"` - `class EConfigureCloudflaredTunnel: …` - `k: Literal["ConfigureCloudflaredTunnel"]` Configured Cloudflared tunnel - `"ConfigureCloudflaredTunnel"` - `n: float` Sequence number, used to order events with the same timestamp - `t: float` Time the Event was recorded (seconds since the Unix epoch) - `v: Optional[str]` Version ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) event = client.magic_transit.connectors.events.get( event_n=0, account_id="023e105f4ecef8ad9ca31a8372d0c353", connector_id="connector_id", event_t=0, ) print(event.e) ``` #### Response ```json { "result": { "e": { "k": "Init" }, "n": 0, "t": 0, "v": "v" }, "success": true, "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ] } ``` ## Domain Types ### Event List Response - `class EventListResponse: …` - `count: float` - `items: List[Item]` - `a: float` Time the Event was collected (seconds since the Unix epoch) - `k: str` Kind - `n: float` Sequence number, used to order events with the same timestamp - `t: float` Time the Event was recorded (seconds since the Unix epoch) - `cursor: Optional[str]` ### Event Get Response - `class EventGetResponse: …` Recorded Event - `e: E` - `class EInit: …` - `k: Literal["Init"]` Initialized process - `"Init"` - `class ELeave: …` - `k: Literal["Leave"]` Stopped process - `"Leave"` - `class EStartAttestation: …` - `k: Literal["StartAttestation"]` Started attestation - `"StartAttestation"` - `class EFinishAttestationSuccess: …` - `k: Literal["FinishAttestationSuccess"]` Finished attestation - `"FinishAttestationSuccess"` - `class EFinishAttestationFailure: …` - `k: Literal["FinishAttestationFailure"]` Failed attestation - `"FinishAttestationFailure"` - `class EStartRotateCryptKey: …` - `k: Literal["StartRotateCryptKey"]` Started crypt key rotation - `"StartRotateCryptKey"` - `class EFinishRotateCryptKeySuccess: …` - `k: Literal["FinishRotateCryptKeySuccess"]` Finished crypt key rotation - `"FinishRotateCryptKeySuccess"` - `class EFinishRotateCryptKeyFailure: …` - `k: Literal["FinishRotateCryptKeyFailure"]` Failed crypt key rotation - `"FinishRotateCryptKeyFailure"` - `class EStartRotatePki: …` - `k: Literal["StartRotatePki"]` Started PKI rotation - `"StartRotatePki"` - `class EFinishRotatePkiSuccess: …` - `k: Literal["FinishRotatePkiSuccess"]` Finished PKI rotation - `"FinishRotatePkiSuccess"` - `class EFinishRotatePkiFailure: …` - `k: Literal["FinishRotatePkiFailure"]` Failed PKI rotation - `"FinishRotatePkiFailure"` - `class EStartUpgrade: …` - `k: Literal["StartUpgrade"]` Started upgrade - `"StartUpgrade"` - `url: str` Location of upgrade bundle - `class EFinishUpgradeSuccess: …` - `k: Literal["FinishUpgradeSuccess"]` Finished upgrade - `"FinishUpgradeSuccess"` - `class EFinishUpgradeFailure: …` - `k: Literal["FinishUpgradeFailure"]` Failed upgrade - `"FinishUpgradeFailure"` - `class EReconcile: …` - `k: Literal["Reconcile"]` Reconciled - `"Reconcile"` - `class EConfigureCloudflaredTunnel: …` - `k: Literal["ConfigureCloudflaredTunnel"]` Configured Cloudflared tunnel - `"ConfigureCloudflaredTunnel"` - `n: float` Sequence number, used to order events with the same timestamp - `t: float` Time the Event was recorded (seconds since the Unix epoch) - `v: Optional[str]` Version # Latest ## Get latest Events `magic_transit.connectors.events.latest.list(strconnector_id, LatestListParams**kwargs) -> LatestListResponse` **get** `/accounts/{account_id}/magic/connectors/{connector_id}/telemetry/events/latest` Get latest Events ### Parameters - `account_id: str` Account identifier - `connector_id: str` ### Returns - `class LatestListResponse: …` - `count: float` - `items: List[Item]` - `e: ItemE` - `class ItemEInit: …` - `k: Literal["Init"]` Initialized process - `"Init"` - `class ItemELeave: …` - `k: Literal["Leave"]` Stopped process - `"Leave"` - `class ItemEStartAttestation: …` - `k: Literal["StartAttestation"]` Started attestation - `"StartAttestation"` - `class ItemEFinishAttestationSuccess: …` - `k: Literal["FinishAttestationSuccess"]` Finished attestation - `"FinishAttestationSuccess"` - `class ItemEFinishAttestationFailure: …` - `k: Literal["FinishAttestationFailure"]` Failed attestation - `"FinishAttestationFailure"` - `class ItemEStartRotateCryptKey: …` - `k: Literal["StartRotateCryptKey"]` Started crypt key rotation - `"StartRotateCryptKey"` - `class ItemEFinishRotateCryptKeySuccess: …` - `k: Literal["FinishRotateCryptKeySuccess"]` Finished crypt key rotation - `"FinishRotateCryptKeySuccess"` - `class ItemEFinishRotateCryptKeyFailure: …` - `k: Literal["FinishRotateCryptKeyFailure"]` Failed crypt key rotation - `"FinishRotateCryptKeyFailure"` - `class ItemEStartRotatePki: …` - `k: Literal["StartRotatePki"]` Started PKI rotation - `"StartRotatePki"` - `class ItemEFinishRotatePkiSuccess: …` - `k: Literal["FinishRotatePkiSuccess"]` Finished PKI rotation - `"FinishRotatePkiSuccess"` - `class ItemEFinishRotatePkiFailure: …` - `k: Literal["FinishRotatePkiFailure"]` Failed PKI rotation - `"FinishRotatePkiFailure"` - `class ItemEStartUpgrade: …` - `k: Literal["StartUpgrade"]` Started upgrade - `"StartUpgrade"` - `url: str` Location of upgrade bundle - `class ItemEFinishUpgradeSuccess: …` - `k: Literal["FinishUpgradeSuccess"]` Finished upgrade - `"FinishUpgradeSuccess"` - `class ItemEFinishUpgradeFailure: …` - `k: Literal["FinishUpgradeFailure"]` Failed upgrade - `"FinishUpgradeFailure"` - `class ItemEReconcile: …` - `k: Literal["Reconcile"]` Reconciled - `"Reconcile"` - `class ItemEConfigureCloudflaredTunnel: …` - `k: Literal["ConfigureCloudflaredTunnel"]` Configured Cloudflared tunnel - `"ConfigureCloudflaredTunnel"` - `n: float` Sequence number, used to order events with the same timestamp - `t: float` Time the Event was recorded (seconds since the Unix epoch) - `v: Optional[str]` Version ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) latests = client.magic_transit.connectors.events.latest.list( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(latests.count) ``` #### Response ```json { "result": { "count": 0, "items": [ { "e": { "k": "Init" }, "n": 0, "t": 0, "v": "v" } ] }, "success": true, "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ] } ``` ## Domain Types ### Latest List Response - `class LatestListResponse: …` - `count: float` - `items: List[Item]` - `e: ItemE` - `class ItemEInit: …` - `k: Literal["Init"]` Initialized process - `"Init"` - `class ItemELeave: …` - `k: Literal["Leave"]` Stopped process - `"Leave"` - `class ItemEStartAttestation: …` - `k: Literal["StartAttestation"]` Started attestation - `"StartAttestation"` - `class ItemEFinishAttestationSuccess: …` - `k: Literal["FinishAttestationSuccess"]` Finished attestation - `"FinishAttestationSuccess"` - `class ItemEFinishAttestationFailure: …` - `k: Literal["FinishAttestationFailure"]` Failed attestation - `"FinishAttestationFailure"` - `class ItemEStartRotateCryptKey: …` - `k: Literal["StartRotateCryptKey"]` Started crypt key rotation - `"StartRotateCryptKey"` - `class ItemEFinishRotateCryptKeySuccess: …` - `k: Literal["FinishRotateCryptKeySuccess"]` Finished crypt key rotation - `"FinishRotateCryptKeySuccess"` - `class ItemEFinishRotateCryptKeyFailure: …` - `k: Literal["FinishRotateCryptKeyFailure"]` Failed crypt key rotation - `"FinishRotateCryptKeyFailure"` - `class ItemEStartRotatePki: …` - `k: Literal["StartRotatePki"]` Started PKI rotation - `"StartRotatePki"` - `class ItemEFinishRotatePkiSuccess: …` - `k: Literal["FinishRotatePkiSuccess"]` Finished PKI rotation - `"FinishRotatePkiSuccess"` - `class ItemEFinishRotatePkiFailure: …` - `k: Literal["FinishRotatePkiFailure"]` Failed PKI rotation - `"FinishRotatePkiFailure"` - `class ItemEStartUpgrade: …` - `k: Literal["StartUpgrade"]` Started upgrade - `"StartUpgrade"` - `url: str` Location of upgrade bundle - `class ItemEFinishUpgradeSuccess: …` - `k: Literal["FinishUpgradeSuccess"]` Finished upgrade - `"FinishUpgradeSuccess"` - `class ItemEFinishUpgradeFailure: …` - `k: Literal["FinishUpgradeFailure"]` Failed upgrade - `"FinishUpgradeFailure"` - `class ItemEReconcile: …` - `k: Literal["Reconcile"]` Reconciled - `"Reconcile"` - `class ItemEConfigureCloudflaredTunnel: …` - `k: Literal["ConfigureCloudflaredTunnel"]` Configured Cloudflared tunnel - `"ConfigureCloudflaredTunnel"` - `n: float` Sequence number, used to order events with the same timestamp - `t: float` Time the Event was recorded (seconds since the Unix epoch) - `v: Optional[str]` Version # Snapshots ## List Snapshots `magic_transit.connectors.snapshots.list(strconnector_id, SnapshotListParams**kwargs) -> SnapshotListResponse` **get** `/accounts/{account_id}/magic/connectors/{connector_id}/telemetry/snapshots` List Snapshots ### Parameters - `account_id: str` Account identifier - `connector_id: str` - `from_: float` - `to: float` - `cursor: Optional[str]` - `limit: Optional[float]` ### Returns - `class SnapshotListResponse: …` - `count: float` - `items: List[Item]` - `a: float` Time the Snapshot was collected (seconds since the Unix epoch) - `t: float` Time the Snapshot was recorded (seconds since the Unix epoch) - `cursor: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) snapshots = client.magic_transit.connectors.snapshots.list( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", from_=0, to=0, ) print(snapshots.count) ``` #### Response ```json { "result": { "count": 0, "items": [ { "a": 0, "t": 0 } ], "cursor": "cursor" }, "success": true, "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ] } ``` ## Get Snapshot `magic_transit.connectors.snapshots.get(floatsnapshot_t, SnapshotGetParams**kwargs) -> SnapshotGetResponse` **get** `/accounts/{account_id}/magic/connectors/{connector_id}/telemetry/snapshots/{snapshot_t}` Get Snapshot ### Parameters - `account_id: str` Account identifier - `connector_id: str` - `snapshot_t: float` ### Returns - `class SnapshotGetResponse: …` Snapshot - `count_reclaim_failures: float` Count of failures to reclaim space - `count_reclaimed_paths: float` Count of reclaimed paths - `count_record_failed: float` Count of failed snapshot recordings - `count_transmit_failures: float` Count of failed snapshot transmissions - `t: float` Time the Snapshot was recorded (seconds since the Unix epoch) - `v: str` Version - `bonds: Optional[List[Bond]]` - `name: str` Name of the network interface - `status: str` Current status of the network interface - `cpu_count: Optional[float]` Count of processors/cores - `cpu_pressure_10s: Optional[float]` Percentage of time over a 10 second window that tasks were stalled - `cpu_pressure_300s: Optional[float]` Percentage of time over a 5 minute window that tasks were stalled - `cpu_pressure_60s: Optional[float]` Percentage of time over a 1 minute window that tasks were stalled - `cpu_pressure_total_us: Optional[float]` Total stall time (microseconds) - `cpu_time_guest_ms: Optional[float]` Time spent running a virtual CPU or guest OS (milliseconds) - `cpu_time_guest_nice_ms: Optional[float]` Time spent running a niced guest (milliseconds) - `cpu_time_idle_ms: Optional[float]` Time spent in idle state (milliseconds) - `cpu_time_iowait_ms: Optional[float]` Time spent wait for I/O to complete (milliseconds) - `cpu_time_irq_ms: Optional[float]` Time spent servicing interrupts (milliseconds) - `cpu_time_nice_ms: Optional[float]` Time spent in low-priority user mode (milliseconds) - `cpu_time_softirq_ms: Optional[float]` Time spent servicing softirqs (milliseconds) - `cpu_time_steal_ms: Optional[float]` Time stolen (milliseconds) - `cpu_time_system_ms: Optional[float]` Time spent in system mode (milliseconds) - `cpu_time_user_ms: Optional[float]` Time spent in user mode (milliseconds) - `delta: Optional[float]` Number of network operations applied during state transition - `dhcp_leases: Optional[List[DHCPLease]]` - `client_id: str` Client ID of the device the IP Address was leased to - `expiry_time: float` Expiry time of the DHCP lease (seconds since the Unix epoch) - `hostname: str` Hostname of the device the IP Address was leased to - `interface_name: str` Name of the network interface - `ip_address: str` IP Address that was leased - `mac_address: str` MAC Address of the device the IP Address was leased to - `disks: Optional[List[Disk]]` - `in_progress: float` I/Os currently in progress - `major: float` Device major number - `merged: float` Reads merged - `minor: float` Device minor number - `name: str` Device name - `reads: float` Reads completed successfully - `sectors_read: float` Sectors read successfully - `sectors_written: float` Sectors written successfully - `time_in_progress_ms: float` Time spent doing I/Os (milliseconds) - `time_reading_ms: float` Time spent reading (milliseconds) - `time_writing_ms: float` Time spent writing (milliseconds) - `weighted_time_in_progress_ms: float` Weighted time spent doing I/Os (milliseconds) - `writes: float` Writes completed - `writes_merged: float` Writes merged - `discards: Optional[float]` Discards completed successfully - `discards_merged: Optional[float]` Discards merged - `flushes: Optional[float]` Flushes completed successfully - `sectors_discarded: Optional[float]` Sectors discarded - `time_discarding_ms: Optional[float]` Time spent discarding (milliseconds) - `time_flushing_ms: Optional[float]` Time spent flushing (milliseconds) - `epsilon: Optional[float]` Simulated number of network operations applied during state transition - `ha_state: Optional[str]` Name of high availability state - `ha_value: Optional[float]` Numeric value associated with high availability state (0 = disabled, 1 = active, 2 = standby, 3 = stopped, 4 = fault) - `interfaces: Optional[List[Interface]]` - `name: str` Name of the network interface - `operstate: str` UP/DOWN state of the network interface - `ip_addresses: Optional[List[InterfaceIPAddress]]` - `interface_name: str` Name of the network interface - `ip_address: str` IP address of the network interface - `speed: Optional[float]` Speed of the network interface (bits per second) - `io_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `io_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `io_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `io_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `io_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `io_pressure_some_300s: Optional[float]` Percentage of time over a 3 minute window that some tasks were stalled - `io_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `io_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `kernel_btime: Optional[float]` Boot time (seconds since Unix epoch) - `kernel_ctxt: Optional[float]` Number of context switches that the system underwent - `kernel_processes: Optional[float]` Number of forks since boot - `kernel_processes_blocked: Optional[float]` Number of processes blocked waiting for I/O - `kernel_processes_running: Optional[float]` Number of processes in runnable state - `load_average_15m: Optional[float]` The fifteen-minute load average - `load_average_1m: Optional[float]` The one-minute load average - `load_average_5m: Optional[float]` The five-minute load average - `load_average_cur: Optional[float]` Number of currently runnable kernel scheduling entities - `load_average_max: Optional[float]` Number of kernel scheduling entities that currently exist on the system - `memory_active_bytes: Optional[float]` Memory that has been used more recently - `memory_anon_hugepages_bytes: Optional[float]` Non-file backed huge pages mapped into user-space page tables - `memory_anon_pages_bytes: Optional[float]` Non-file backed pages mapped into user-space page tables - `memory_available_bytes: Optional[float]` Estimate of how much memory is available for starting new applications - `memory_bounce_bytes: Optional[float]` Memory used for block device bounce buffers - `memory_buffers_bytes: Optional[float]` Relatively temporary storage for raw disk blocks - `memory_cached_bytes: Optional[float]` In-memory cache for files read from the disk - `memory_cma_free_bytes: Optional[float]` Free CMA (Contiguous Memory Allocator) pages - `memory_cma_total_bytes: Optional[float]` Total CMA (Contiguous Memory Allocator) pages - `memory_commit_limit_bytes: Optional[float]` Total amount of memory currently available to be allocated on the system - `memory_committed_as_bytes: Optional[float]` Amount of memory presently allocated on the system - `memory_dirty_bytes: Optional[float]` Memory which is waiting to get written back to the disk - `memory_free_bytes: Optional[float]` The sum of LowFree and HighFree - `memory_high_free_bytes: Optional[float]` Amount of free highmem - `memory_high_total_bytes: Optional[float]` Total amount of highmem - `memory_hugepages_free: Optional[float]` The number of huge pages in the pool that are not yet allocated - `memory_hugepages_rsvd: Optional[float]` Number of huge pages for which a commitment has been made, but no allocation has yet been made - `memory_hugepages_surp: Optional[float]` Number of huge pages in the pool above the threshold - `memory_hugepages_total: Optional[float]` The size of the pool of huge pages - `memory_hugepagesize_bytes: Optional[float]` The size of huge pages - `memory_inactive_bytes: Optional[float]` Memory which has been less recently used - `memory_k_reclaimable_bytes: Optional[float]` Kernel allocations that the kernel will attempt to reclaim under memory pressure - `memory_kernel_stack_bytes: Optional[float]` Amount of memory allocated to kernel stacks - `memory_low_free_bytes: Optional[float]` Amount of free lowmem - `memory_low_total_bytes: Optional[float]` Total amount of lowmem - `memory_mapped_bytes: Optional[float]` Files which have been mapped into memory - `memory_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_per_cpu_bytes: Optional[float]` Memory allocated to the per-cpu alloctor used to back per-cpu allocations - `memory_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `memory_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `memory_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `memory_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `memory_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `memory_pressure_some_300s: Optional[float]` Percentage of time over a 5 minute window that some tasks were stalled - `memory_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `memory_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `memory_s_reclaimable_bytes: Optional[float]` Part of slab that can be reclaimed on memory pressure - `memory_s_unreclaim_bytes: Optional[float]` Part of slab that cannot be reclaimed on memory pressure - `memory_secondary_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_shmem_bytes: Optional[float]` Amount of memory consumed by tmpfs - `memory_shmem_hugepages_bytes: Optional[float]` Memory used by shmem and tmpfs, allocated with huge pages - `memory_shmem_pmd_mapped_bytes: Optional[float]` Shared memory mapped into user space with huge pages - `memory_slab_bytes: Optional[float]` In-kernel data structures cache - `memory_swap_cached_bytes: Optional[float]` Memory swapped out and back in while still in swap file - `memory_swap_free_bytes: Optional[float]` Amount of swap space that is currently unused - `memory_swap_total_bytes: Optional[float]` Total amount of swap space available - `memory_total_bytes: Optional[float]` Total usable RAM - `memory_vmalloc_chunk_bytes: Optional[float]` Largest contiguous block of vmalloc area which is free - `memory_vmalloc_total_bytes: Optional[float]` Total size of vmalloc memory area - `memory_vmalloc_used_bytes: Optional[float]` Amount of vmalloc area which is used - `memory_writeback_bytes: Optional[float]` Memory which is actively being written back to the disk - `memory_writeback_tmp_bytes: Optional[float]` Memory used by FUSE for temporary writeback buffers - `memory_z_swap_bytes: Optional[float]` Memory consumed by the zswap backend, compressed - `memory_z_swapped_bytes: Optional[float]` Amount of anonymous memory stored in zswap, uncompressed - `mounts: Optional[List[Mount]]` - `file_system: str` File system on disk (EXT4, NTFS, etc.) - `kind: str` Kind of disk (HDD, SSD, etc.) - `mount_point: str` Path where disk is mounted - `name: str` Name of the disk mount - `available_bytes: Optional[float]` Available disk size (bytes) - `is_read_only: Optional[bool]` Determines whether the disk is read-only - `is_removable: Optional[bool]` Determines whether the disk is removable - `total_bytes: Optional[float]` Total disk size (bytes) - `netdevs: Optional[List[Netdev]]` - `name: str` Name of the network device - `recv_bytes: float` Total bytes received - `recv_compressed: float` Compressed packets received - `recv_drop: float` Packets dropped - `recv_errs: float` Bad packets received - `recv_fifo: float` FIFO overruns - `recv_frame: float` Frame alignment errors - `recv_multicast: float` Multicast packets received - `recv_packets: float` Total packets received - `sent_bytes: float` Total bytes transmitted - `sent_carrier: float` Number of packets not sent due to carrier errors - `sent_colls: float` Number of collisions - `sent_compressed: float` Number of compressed packets transmitted - `sent_drop: float` Number of packets dropped during transmission - `sent_errs: float` Number of transmission errors - `sent_fifo: float` FIFO overruns - `sent_packets: float` Total packets transmitted - `snmp_icmp_in_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages received - `snmp_icmp_in_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_csum_errors: Optional[float]` Number of ICMP messages received with bad checksums - `snmp_icmp_in_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages received - `snmp_icmp_in_echo_reps: Optional[float]` Number of ICMP Echo Reply messages received - `snmp_icmp_in_echos: Optional[float]` Number of ICMP Echo (request) messages received - `snmp_icmp_in_errors: Optional[float]` Number of ICMP messages received with ICMP-specific errors - `snmp_icmp_in_msgs: Optional[float]` Number of ICMP messages received - `snmp_icmp_in_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages received - `snmp_icmp_in_redirects: Optional[float]` Number of ICMP Redirect messages received - `snmp_icmp_in_src_quenchs: Optional[float]` Number of ICMP Source Quench messages received - `snmp_icmp_in_time_excds: Optional[float]` Number of ICMP Time Exceeded messages received - `snmp_icmp_in_timestamp_reps: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages received - `snmp_icmp_out_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages sent - `snmp_icmp_out_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages sent - `snmp_icmp_out_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages sent - `snmp_icmp_out_echo_reps: Optional[float]` Number of ICMP Echo Reply messages sent - `snmp_icmp_out_echos: Optional[float]` Number of ICMP Echo (request) messages sent - `snmp_icmp_out_errors: Optional[float]` Number of ICMP messages which this entity did not send due to ICMP-specific errors - `snmp_icmp_out_msgs: Optional[float]` Number of ICMP messages attempted to send - `snmp_icmp_out_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages sent - `snmp_icmp_out_redirects: Optional[float]` Number of ICMP Redirect messages sent - `snmp_icmp_out_src_quenchs: Optional[float]` Number of ICMP Source Quench messages sent - `snmp_icmp_out_time_excds: Optional[float]` Number of ICMP Time Exceeded messages sent - `snmp_icmp_out_timestamp_reps: Optional[float]` Number of ICMP Timestamp Reply messages sent - `snmp_icmp_out_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages sent - `snmp_ip_default_ttl: Optional[float]` Default value of the Time-To-Live field of the IP header - `snmp_ip_forw_datagrams: Optional[float]` Number of datagrams forwarded to their final destination - `snmp_ip_forwarding_enabled: Optional[bool]` Set when acting as an IP gateway - `snmp_ip_frag_creates: Optional[float]` Number of datagrams generated by fragmentation - `snmp_ip_frag_fails: Optional[float]` Number of datagrams discarded because fragmentation failed - `snmp_ip_frag_oks: Optional[float]` Number of datagrams successfully fragmented - `snmp_ip_in_addr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP address - `snmp_ip_in_delivers: Optional[float]` Number of input datagrams successfully delivered to IP user-protocols - `snmp_ip_in_discards: Optional[float]` Number of input datagrams otherwise discarded - `snmp_ip_in_hdr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP header - `snmp_ip_in_receives: Optional[float]` Number of input datagrams received from interfaces - `snmp_ip_in_unknown_protos: Optional[float]` Number of input datagrams discarded due unknown or unsupported protocol - `snmp_ip_out_discards: Optional[float]` Number of output datagrams otherwise discarded - `snmp_ip_out_no_routes: Optional[float]` Number of output datagrams discarded because no route matched - `snmp_ip_out_requests: Optional[float]` Number of datagrams supplied for transmission - `snmp_ip_reasm_fails: Optional[float]` Number of failures detected by the reassembly algorithm - `snmp_ip_reasm_oks: Optional[float]` Number of datagrams successfully reassembled - `snmp_ip_reasm_reqds: Optional[float]` Number of fragments received which needed to be reassembled - `snmp_ip_reasm_timeout: Optional[float]` Number of seconds fragments are held while awaiting reassembly - `snmp_tcp_active_opens: Optional[float]` Number of times TCP transitions to SYN-SENT from CLOSED - `snmp_tcp_attempt_fails: Optional[float]` Number of times TCP transitions to CLOSED from SYN-SENT or SYN-RCVD, plus transitions to LISTEN from SYN-RCVD - `snmp_tcp_curr_estab: Optional[float]` Number of TCP connections in ESTABLISHED or CLOSE-WAIT - `snmp_tcp_estab_resets: Optional[float]` Number of times TCP transitions to CLOSED from ESTABLISHED or CLOSE-WAIT - `snmp_tcp_in_csum_errors: Optional[float]` Number of TCP segments received with checksum errors - `snmp_tcp_in_errs: Optional[float]` Number of TCP segments received in error - `snmp_tcp_in_segs: Optional[float]` Number of TCP segments received - `snmp_tcp_max_conn: Optional[float]` Limit on the total number of TCP connections - `snmp_tcp_out_rsts: Optional[float]` Number of TCP segments sent with RST flag - `snmp_tcp_out_segs: Optional[float]` Number of TCP segments sent - `snmp_tcp_passive_opens: Optional[float]` Number of times TCP transitions to SYN-RCVD from LISTEN - `snmp_tcp_retrans_segs: Optional[float]` Number of TCP segments retransmitted - `snmp_tcp_rto_max: Optional[float]` Maximum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_tcp_rto_min: Optional[float]` Minimum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_udp_in_datagrams: Optional[float]` Number of UDP datagrams delivered to UDP applications - `snmp_udp_in_errors: Optional[float]` Number of UDP datagrams failed to be delivered for reasons other than lack of application at the destination port - `snmp_udp_no_ports: Optional[float]` Number of UDP datagrams received for which there was not application at the destination port - `snmp_udp_out_datagrams: Optional[float]` Number of UDP datagrams sent - `system_boot_time_s: Optional[float]` Boottime of the system (seconds since the Unix epoch) - `thermals: Optional[List[Thermal]]` - `label: str` Sensor identifier for the component - `critical_celcius: Optional[float]` Critical failure temperature of the component (degrees Celsius) - `current_celcius: Optional[float]` Current temperature of the component (degrees Celsius) - `max_celcius: Optional[float]` Maximum temperature of the component (degrees Celsius) - `tunnels: Optional[List[Tunnel]]` - `health_state: str` Name of tunnel health state (unknown, healthy, degraded, down) - `health_value: float` Numeric value associated with tunnel state (0 = unknown, 1 = healthy, 2 = degraded, 3 = down) - `interface_name: str` The tunnel interface name (i.e. xfrm1, xfrm3.99, etc.) - `tunnel_id: str` Tunnel identifier - `probed_mtu: Optional[float]` MTU as measured between the two ends of the tunnel - `recent_healthy_pings: Optional[float]` Number of recent healthy pings for this tunnel - `recent_unhealthy_pings: Optional[float]` Number of recent unhealthy pings for this tunnel - `uptime_idle_ms: Optional[float]` Sum of how much time each core has spent idle - `uptime_total_ms: Optional[float]` Uptime of the system, including time spent in suspend ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) snapshot = client.magic_transit.connectors.snapshots.get( snapshot_t=0, account_id="023e105f4ecef8ad9ca31a8372d0c353", connector_id="connector_id", ) print(snapshot.cpu_time_idle_ms) ``` #### Response ```json { "result": { "count_reclaim_failures": 0, "count_reclaimed_paths": 0, "count_record_failed": 0, "count_transmit_failures": 0, "t": 0, "v": "v", "bonds": [ { "name": "name", "status": "status" } ], "cpu_count": 0, "cpu_pressure_10s": 0, "cpu_pressure_300s": 0, "cpu_pressure_60s": 0, "cpu_pressure_total_us": 0, "cpu_time_guest_ms": 0, "cpu_time_guest_nice_ms": 0, "cpu_time_idle_ms": 0, "cpu_time_iowait_ms": 0, "cpu_time_irq_ms": 0, "cpu_time_nice_ms": 0, "cpu_time_softirq_ms": 0, "cpu_time_steal_ms": 0, "cpu_time_system_ms": 0, "cpu_time_user_ms": 0, "delta": 0, "dhcp_leases": [ { "client_id": "client_id", "expiry_time": 0, "hostname": "hostname", "interface_name": "interface_name", "ip_address": "ip_address", "mac_address": "mac_address" } ], "disks": [ { "in_progress": 0, "major": 0, "merged": 0, "minor": 0, "name": "name", "reads": 0, "sectors_read": 0, "sectors_written": 0, "time_in_progress_ms": 0, "time_reading_ms": 0, "time_writing_ms": 0, "weighted_time_in_progress_ms": 0, "writes": 0, "writes_merged": 0, "discards": 0, "discards_merged": 0, "flushes": 0, "sectors_discarded": 0, "time_discarding_ms": 0, "time_flushing_ms": 0 } ], "epsilon": 0, "ha_state": "ha_state", "ha_value": 0, "interfaces": [ { "name": "name", "operstate": "operstate", "ip_addresses": [ { "interface_name": "interface_name", "ip_address": "ip_address" } ], "speed": 0 } ], "io_pressure_full_10s": 0, "io_pressure_full_300s": 0, "io_pressure_full_60s": 0, "io_pressure_full_total_us": 0, "io_pressure_some_10s": 0, "io_pressure_some_300s": 0, "io_pressure_some_60s": 0, "io_pressure_some_total_us": 0, "kernel_btime": 0, "kernel_ctxt": 0, "kernel_processes": 0, "kernel_processes_blocked": 0, "kernel_processes_running": 0, "load_average_15m": 0, "load_average_1m": 0, "load_average_5m": 0, "load_average_cur": 0, "load_average_max": 0, "memory_active_bytes": 0, "memory_anon_hugepages_bytes": 0, "memory_anon_pages_bytes": 0, "memory_available_bytes": 0, "memory_bounce_bytes": 0, "memory_buffers_bytes": 0, "memory_cached_bytes": 0, "memory_cma_free_bytes": 0, "memory_cma_total_bytes": 0, "memory_commit_limit_bytes": 0, "memory_committed_as_bytes": 0, "memory_dirty_bytes": 0, "memory_free_bytes": 0, "memory_high_free_bytes": 0, "memory_high_total_bytes": 0, "memory_hugepages_free": 0, "memory_hugepages_rsvd": 0, "memory_hugepages_surp": 0, "memory_hugepages_total": 0, "memory_hugepagesize_bytes": 0, "memory_inactive_bytes": 0, "memory_k_reclaimable_bytes": 0, "memory_kernel_stack_bytes": 0, "memory_low_free_bytes": 0, "memory_low_total_bytes": 0, "memory_mapped_bytes": 0, "memory_page_tables_bytes": 0, "memory_per_cpu_bytes": 0, "memory_pressure_full_10s": 0, "memory_pressure_full_300s": 0, "memory_pressure_full_60s": 0, "memory_pressure_full_total_us": 0, "memory_pressure_some_10s": 0, "memory_pressure_some_300s": 0, "memory_pressure_some_60s": 0, "memory_pressure_some_total_us": 0, "memory_s_reclaimable_bytes": 0, "memory_s_unreclaim_bytes": 0, "memory_secondary_page_tables_bytes": 0, "memory_shmem_bytes": 0, "memory_shmem_hugepages_bytes": 0, "memory_shmem_pmd_mapped_bytes": 0, "memory_slab_bytes": 0, "memory_swap_cached_bytes": 0, "memory_swap_free_bytes": 0, "memory_swap_total_bytes": 0, "memory_total_bytes": 0, "memory_vmalloc_chunk_bytes": 0, "memory_vmalloc_total_bytes": 0, "memory_vmalloc_used_bytes": 0, "memory_writeback_bytes": 0, "memory_writeback_tmp_bytes": 0, "memory_z_swap_bytes": 0, "memory_z_swapped_bytes": 0, "mounts": [ { "file_system": "file_system", "kind": "kind", "mount_point": "mount_point", "name": "name", "available_bytes": 0, "is_read_only": true, "is_removable": true, "total_bytes": 0 } ], "netdevs": [ { "name": "name", "recv_bytes": 0, "recv_compressed": 0, "recv_drop": 0, "recv_errs": 0, "recv_fifo": 0, "recv_frame": 0, "recv_multicast": 0, "recv_packets": 0, "sent_bytes": 0, "sent_carrier": 0, "sent_colls": 0, "sent_compressed": 0, "sent_drop": 0, "sent_errs": 0, "sent_fifo": 0, "sent_packets": 0 } ], "snmp_icmp_in_addr_mask_reps": 0, "snmp_icmp_in_addr_masks": 0, "snmp_icmp_in_csum_errors": 0, "snmp_icmp_in_dest_unreachs": 0, "snmp_icmp_in_echo_reps": 0, "snmp_icmp_in_echos": 0, "snmp_icmp_in_errors": 0, "snmp_icmp_in_msgs": 0, "snmp_icmp_in_parm_probs": 0, "snmp_icmp_in_redirects": 0, "snmp_icmp_in_src_quenchs": 0, "snmp_icmp_in_time_excds": 0, "snmp_icmp_in_timestamp_reps": 0, "snmp_icmp_in_timestamps": 0, "snmp_icmp_out_addr_mask_reps": 0, "snmp_icmp_out_addr_masks": 0, "snmp_icmp_out_dest_unreachs": 0, "snmp_icmp_out_echo_reps": 0, "snmp_icmp_out_echos": 0, "snmp_icmp_out_errors": 0, "snmp_icmp_out_msgs": 0, "snmp_icmp_out_parm_probs": 0, "snmp_icmp_out_redirects": 0, "snmp_icmp_out_src_quenchs": 0, "snmp_icmp_out_time_excds": 0, "snmp_icmp_out_timestamp_reps": 0, "snmp_icmp_out_timestamps": 0, "snmp_ip_default_ttl": 0, "snmp_ip_forw_datagrams": 0, "snmp_ip_forwarding_enabled": true, "snmp_ip_frag_creates": 0, "snmp_ip_frag_fails": 0, "snmp_ip_frag_oks": 0, "snmp_ip_in_addr_errors": 0, "snmp_ip_in_delivers": 0, "snmp_ip_in_discards": 0, "snmp_ip_in_hdr_errors": 0, "snmp_ip_in_receives": 0, "snmp_ip_in_unknown_protos": 0, "snmp_ip_out_discards": 0, "snmp_ip_out_no_routes": 0, "snmp_ip_out_requests": 0, "snmp_ip_reasm_fails": 0, "snmp_ip_reasm_oks": 0, "snmp_ip_reasm_reqds": 0, "snmp_ip_reasm_timeout": 0, "snmp_tcp_active_opens": 0, "snmp_tcp_attempt_fails": 0, "snmp_tcp_curr_estab": 0, "snmp_tcp_estab_resets": 0, "snmp_tcp_in_csum_errors": 0, "snmp_tcp_in_errs": 0, "snmp_tcp_in_segs": 0, "snmp_tcp_max_conn": 0, "snmp_tcp_out_rsts": 0, "snmp_tcp_out_segs": 0, "snmp_tcp_passive_opens": 0, "snmp_tcp_retrans_segs": 0, "snmp_tcp_rto_max": 0, "snmp_tcp_rto_min": 0, "snmp_udp_in_datagrams": 0, "snmp_udp_in_errors": 0, "snmp_udp_no_ports": 0, "snmp_udp_out_datagrams": 0, "system_boot_time_s": 0, "thermals": [ { "label": "label", "critical_celcius": 0, "current_celcius": 0, "max_celcius": 0 } ], "tunnels": [ { "health_state": "health_state", "health_value": 0, "interface_name": "interface_name", "tunnel_id": "tunnel_id", "probed_mtu": 0, "recent_healthy_pings": 0, "recent_unhealthy_pings": 0 } ], "uptime_idle_ms": 0, "uptime_total_ms": 0 }, "success": true, "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ] } ``` ## Domain Types ### Snapshot List Response - `class SnapshotListResponse: …` - `count: float` - `items: List[Item]` - `a: float` Time the Snapshot was collected (seconds since the Unix epoch) - `t: float` Time the Snapshot was recorded (seconds since the Unix epoch) - `cursor: Optional[str]` ### Snapshot Get Response - `class SnapshotGetResponse: …` Snapshot - `count_reclaim_failures: float` Count of failures to reclaim space - `count_reclaimed_paths: float` Count of reclaimed paths - `count_record_failed: float` Count of failed snapshot recordings - `count_transmit_failures: float` Count of failed snapshot transmissions - `t: float` Time the Snapshot was recorded (seconds since the Unix epoch) - `v: str` Version - `bonds: Optional[List[Bond]]` - `name: str` Name of the network interface - `status: str` Current status of the network interface - `cpu_count: Optional[float]` Count of processors/cores - `cpu_pressure_10s: Optional[float]` Percentage of time over a 10 second window that tasks were stalled - `cpu_pressure_300s: Optional[float]` Percentage of time over a 5 minute window that tasks were stalled - `cpu_pressure_60s: Optional[float]` Percentage of time over a 1 minute window that tasks were stalled - `cpu_pressure_total_us: Optional[float]` Total stall time (microseconds) - `cpu_time_guest_ms: Optional[float]` Time spent running a virtual CPU or guest OS (milliseconds) - `cpu_time_guest_nice_ms: Optional[float]` Time spent running a niced guest (milliseconds) - `cpu_time_idle_ms: Optional[float]` Time spent in idle state (milliseconds) - `cpu_time_iowait_ms: Optional[float]` Time spent wait for I/O to complete (milliseconds) - `cpu_time_irq_ms: Optional[float]` Time spent servicing interrupts (milliseconds) - `cpu_time_nice_ms: Optional[float]` Time spent in low-priority user mode (milliseconds) - `cpu_time_softirq_ms: Optional[float]` Time spent servicing softirqs (milliseconds) - `cpu_time_steal_ms: Optional[float]` Time stolen (milliseconds) - `cpu_time_system_ms: Optional[float]` Time spent in system mode (milliseconds) - `cpu_time_user_ms: Optional[float]` Time spent in user mode (milliseconds) - `delta: Optional[float]` Number of network operations applied during state transition - `dhcp_leases: Optional[List[DHCPLease]]` - `client_id: str` Client ID of the device the IP Address was leased to - `expiry_time: float` Expiry time of the DHCP lease (seconds since the Unix epoch) - `hostname: str` Hostname of the device the IP Address was leased to - `interface_name: str` Name of the network interface - `ip_address: str` IP Address that was leased - `mac_address: str` MAC Address of the device the IP Address was leased to - `disks: Optional[List[Disk]]` - `in_progress: float` I/Os currently in progress - `major: float` Device major number - `merged: float` Reads merged - `minor: float` Device minor number - `name: str` Device name - `reads: float` Reads completed successfully - `sectors_read: float` Sectors read successfully - `sectors_written: float` Sectors written successfully - `time_in_progress_ms: float` Time spent doing I/Os (milliseconds) - `time_reading_ms: float` Time spent reading (milliseconds) - `time_writing_ms: float` Time spent writing (milliseconds) - `weighted_time_in_progress_ms: float` Weighted time spent doing I/Os (milliseconds) - `writes: float` Writes completed - `writes_merged: float` Writes merged - `discards: Optional[float]` Discards completed successfully - `discards_merged: Optional[float]` Discards merged - `flushes: Optional[float]` Flushes completed successfully - `sectors_discarded: Optional[float]` Sectors discarded - `time_discarding_ms: Optional[float]` Time spent discarding (milliseconds) - `time_flushing_ms: Optional[float]` Time spent flushing (milliseconds) - `epsilon: Optional[float]` Simulated number of network operations applied during state transition - `ha_state: Optional[str]` Name of high availability state - `ha_value: Optional[float]` Numeric value associated with high availability state (0 = disabled, 1 = active, 2 = standby, 3 = stopped, 4 = fault) - `interfaces: Optional[List[Interface]]` - `name: str` Name of the network interface - `operstate: str` UP/DOWN state of the network interface - `ip_addresses: Optional[List[InterfaceIPAddress]]` - `interface_name: str` Name of the network interface - `ip_address: str` IP address of the network interface - `speed: Optional[float]` Speed of the network interface (bits per second) - `io_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `io_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `io_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `io_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `io_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `io_pressure_some_300s: Optional[float]` Percentage of time over a 3 minute window that some tasks were stalled - `io_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `io_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `kernel_btime: Optional[float]` Boot time (seconds since Unix epoch) - `kernel_ctxt: Optional[float]` Number of context switches that the system underwent - `kernel_processes: Optional[float]` Number of forks since boot - `kernel_processes_blocked: Optional[float]` Number of processes blocked waiting for I/O - `kernel_processes_running: Optional[float]` Number of processes in runnable state - `load_average_15m: Optional[float]` The fifteen-minute load average - `load_average_1m: Optional[float]` The one-minute load average - `load_average_5m: Optional[float]` The five-minute load average - `load_average_cur: Optional[float]` Number of currently runnable kernel scheduling entities - `load_average_max: Optional[float]` Number of kernel scheduling entities that currently exist on the system - `memory_active_bytes: Optional[float]` Memory that has been used more recently - `memory_anon_hugepages_bytes: Optional[float]` Non-file backed huge pages mapped into user-space page tables - `memory_anon_pages_bytes: Optional[float]` Non-file backed pages mapped into user-space page tables - `memory_available_bytes: Optional[float]` Estimate of how much memory is available for starting new applications - `memory_bounce_bytes: Optional[float]` Memory used for block device bounce buffers - `memory_buffers_bytes: Optional[float]` Relatively temporary storage for raw disk blocks - `memory_cached_bytes: Optional[float]` In-memory cache for files read from the disk - `memory_cma_free_bytes: Optional[float]` Free CMA (Contiguous Memory Allocator) pages - `memory_cma_total_bytes: Optional[float]` Total CMA (Contiguous Memory Allocator) pages - `memory_commit_limit_bytes: Optional[float]` Total amount of memory currently available to be allocated on the system - `memory_committed_as_bytes: Optional[float]` Amount of memory presently allocated on the system - `memory_dirty_bytes: Optional[float]` Memory which is waiting to get written back to the disk - `memory_free_bytes: Optional[float]` The sum of LowFree and HighFree - `memory_high_free_bytes: Optional[float]` Amount of free highmem - `memory_high_total_bytes: Optional[float]` Total amount of highmem - `memory_hugepages_free: Optional[float]` The number of huge pages in the pool that are not yet allocated - `memory_hugepages_rsvd: Optional[float]` Number of huge pages for which a commitment has been made, but no allocation has yet been made - `memory_hugepages_surp: Optional[float]` Number of huge pages in the pool above the threshold - `memory_hugepages_total: Optional[float]` The size of the pool of huge pages - `memory_hugepagesize_bytes: Optional[float]` The size of huge pages - `memory_inactive_bytes: Optional[float]` Memory which has been less recently used - `memory_k_reclaimable_bytes: Optional[float]` Kernel allocations that the kernel will attempt to reclaim under memory pressure - `memory_kernel_stack_bytes: Optional[float]` Amount of memory allocated to kernel stacks - `memory_low_free_bytes: Optional[float]` Amount of free lowmem - `memory_low_total_bytes: Optional[float]` Total amount of lowmem - `memory_mapped_bytes: Optional[float]` Files which have been mapped into memory - `memory_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_per_cpu_bytes: Optional[float]` Memory allocated to the per-cpu alloctor used to back per-cpu allocations - `memory_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `memory_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `memory_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `memory_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `memory_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `memory_pressure_some_300s: Optional[float]` Percentage of time over a 5 minute window that some tasks were stalled - `memory_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `memory_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `memory_s_reclaimable_bytes: Optional[float]` Part of slab that can be reclaimed on memory pressure - `memory_s_unreclaim_bytes: Optional[float]` Part of slab that cannot be reclaimed on memory pressure - `memory_secondary_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_shmem_bytes: Optional[float]` Amount of memory consumed by tmpfs - `memory_shmem_hugepages_bytes: Optional[float]` Memory used by shmem and tmpfs, allocated with huge pages - `memory_shmem_pmd_mapped_bytes: Optional[float]` Shared memory mapped into user space with huge pages - `memory_slab_bytes: Optional[float]` In-kernel data structures cache - `memory_swap_cached_bytes: Optional[float]` Memory swapped out and back in while still in swap file - `memory_swap_free_bytes: Optional[float]` Amount of swap space that is currently unused - `memory_swap_total_bytes: Optional[float]` Total amount of swap space available - `memory_total_bytes: Optional[float]` Total usable RAM - `memory_vmalloc_chunk_bytes: Optional[float]` Largest contiguous block of vmalloc area which is free - `memory_vmalloc_total_bytes: Optional[float]` Total size of vmalloc memory area - `memory_vmalloc_used_bytes: Optional[float]` Amount of vmalloc area which is used - `memory_writeback_bytes: Optional[float]` Memory which is actively being written back to the disk - `memory_writeback_tmp_bytes: Optional[float]` Memory used by FUSE for temporary writeback buffers - `memory_z_swap_bytes: Optional[float]` Memory consumed by the zswap backend, compressed - `memory_z_swapped_bytes: Optional[float]` Amount of anonymous memory stored in zswap, uncompressed - `mounts: Optional[List[Mount]]` - `file_system: str` File system on disk (EXT4, NTFS, etc.) - `kind: str` Kind of disk (HDD, SSD, etc.) - `mount_point: str` Path where disk is mounted - `name: str` Name of the disk mount - `available_bytes: Optional[float]` Available disk size (bytes) - `is_read_only: Optional[bool]` Determines whether the disk is read-only - `is_removable: Optional[bool]` Determines whether the disk is removable - `total_bytes: Optional[float]` Total disk size (bytes) - `netdevs: Optional[List[Netdev]]` - `name: str` Name of the network device - `recv_bytes: float` Total bytes received - `recv_compressed: float` Compressed packets received - `recv_drop: float` Packets dropped - `recv_errs: float` Bad packets received - `recv_fifo: float` FIFO overruns - `recv_frame: float` Frame alignment errors - `recv_multicast: float` Multicast packets received - `recv_packets: float` Total packets received - `sent_bytes: float` Total bytes transmitted - `sent_carrier: float` Number of packets not sent due to carrier errors - `sent_colls: float` Number of collisions - `sent_compressed: float` Number of compressed packets transmitted - `sent_drop: float` Number of packets dropped during transmission - `sent_errs: float` Number of transmission errors - `sent_fifo: float` FIFO overruns - `sent_packets: float` Total packets transmitted - `snmp_icmp_in_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages received - `snmp_icmp_in_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_csum_errors: Optional[float]` Number of ICMP messages received with bad checksums - `snmp_icmp_in_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages received - `snmp_icmp_in_echo_reps: Optional[float]` Number of ICMP Echo Reply messages received - `snmp_icmp_in_echos: Optional[float]` Number of ICMP Echo (request) messages received - `snmp_icmp_in_errors: Optional[float]` Number of ICMP messages received with ICMP-specific errors - `snmp_icmp_in_msgs: Optional[float]` Number of ICMP messages received - `snmp_icmp_in_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages received - `snmp_icmp_in_redirects: Optional[float]` Number of ICMP Redirect messages received - `snmp_icmp_in_src_quenchs: Optional[float]` Number of ICMP Source Quench messages received - `snmp_icmp_in_time_excds: Optional[float]` Number of ICMP Time Exceeded messages received - `snmp_icmp_in_timestamp_reps: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages received - `snmp_icmp_out_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages sent - `snmp_icmp_out_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages sent - `snmp_icmp_out_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages sent - `snmp_icmp_out_echo_reps: Optional[float]` Number of ICMP Echo Reply messages sent - `snmp_icmp_out_echos: Optional[float]` Number of ICMP Echo (request) messages sent - `snmp_icmp_out_errors: Optional[float]` Number of ICMP messages which this entity did not send due to ICMP-specific errors - `snmp_icmp_out_msgs: Optional[float]` Number of ICMP messages attempted to send - `snmp_icmp_out_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages sent - `snmp_icmp_out_redirects: Optional[float]` Number of ICMP Redirect messages sent - `snmp_icmp_out_src_quenchs: Optional[float]` Number of ICMP Source Quench messages sent - `snmp_icmp_out_time_excds: Optional[float]` Number of ICMP Time Exceeded messages sent - `snmp_icmp_out_timestamp_reps: Optional[float]` Number of ICMP Timestamp Reply messages sent - `snmp_icmp_out_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages sent - `snmp_ip_default_ttl: Optional[float]` Default value of the Time-To-Live field of the IP header - `snmp_ip_forw_datagrams: Optional[float]` Number of datagrams forwarded to their final destination - `snmp_ip_forwarding_enabled: Optional[bool]` Set when acting as an IP gateway - `snmp_ip_frag_creates: Optional[float]` Number of datagrams generated by fragmentation - `snmp_ip_frag_fails: Optional[float]` Number of datagrams discarded because fragmentation failed - `snmp_ip_frag_oks: Optional[float]` Number of datagrams successfully fragmented - `snmp_ip_in_addr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP address - `snmp_ip_in_delivers: Optional[float]` Number of input datagrams successfully delivered to IP user-protocols - `snmp_ip_in_discards: Optional[float]` Number of input datagrams otherwise discarded - `snmp_ip_in_hdr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP header - `snmp_ip_in_receives: Optional[float]` Number of input datagrams received from interfaces - `snmp_ip_in_unknown_protos: Optional[float]` Number of input datagrams discarded due unknown or unsupported protocol - `snmp_ip_out_discards: Optional[float]` Number of output datagrams otherwise discarded - `snmp_ip_out_no_routes: Optional[float]` Number of output datagrams discarded because no route matched - `snmp_ip_out_requests: Optional[float]` Number of datagrams supplied for transmission - `snmp_ip_reasm_fails: Optional[float]` Number of failures detected by the reassembly algorithm - `snmp_ip_reasm_oks: Optional[float]` Number of datagrams successfully reassembled - `snmp_ip_reasm_reqds: Optional[float]` Number of fragments received which needed to be reassembled - `snmp_ip_reasm_timeout: Optional[float]` Number of seconds fragments are held while awaiting reassembly - `snmp_tcp_active_opens: Optional[float]` Number of times TCP transitions to SYN-SENT from CLOSED - `snmp_tcp_attempt_fails: Optional[float]` Number of times TCP transitions to CLOSED from SYN-SENT or SYN-RCVD, plus transitions to LISTEN from SYN-RCVD - `snmp_tcp_curr_estab: Optional[float]` Number of TCP connections in ESTABLISHED or CLOSE-WAIT - `snmp_tcp_estab_resets: Optional[float]` Number of times TCP transitions to CLOSED from ESTABLISHED or CLOSE-WAIT - `snmp_tcp_in_csum_errors: Optional[float]` Number of TCP segments received with checksum errors - `snmp_tcp_in_errs: Optional[float]` Number of TCP segments received in error - `snmp_tcp_in_segs: Optional[float]` Number of TCP segments received - `snmp_tcp_max_conn: Optional[float]` Limit on the total number of TCP connections - `snmp_tcp_out_rsts: Optional[float]` Number of TCP segments sent with RST flag - `snmp_tcp_out_segs: Optional[float]` Number of TCP segments sent - `snmp_tcp_passive_opens: Optional[float]` Number of times TCP transitions to SYN-RCVD from LISTEN - `snmp_tcp_retrans_segs: Optional[float]` Number of TCP segments retransmitted - `snmp_tcp_rto_max: Optional[float]` Maximum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_tcp_rto_min: Optional[float]` Minimum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_udp_in_datagrams: Optional[float]` Number of UDP datagrams delivered to UDP applications - `snmp_udp_in_errors: Optional[float]` Number of UDP datagrams failed to be delivered for reasons other than lack of application at the destination port - `snmp_udp_no_ports: Optional[float]` Number of UDP datagrams received for which there was not application at the destination port - `snmp_udp_out_datagrams: Optional[float]` Number of UDP datagrams sent - `system_boot_time_s: Optional[float]` Boottime of the system (seconds since the Unix epoch) - `thermals: Optional[List[Thermal]]` - `label: str` Sensor identifier for the component - `critical_celcius: Optional[float]` Critical failure temperature of the component (degrees Celsius) - `current_celcius: Optional[float]` Current temperature of the component (degrees Celsius) - `max_celcius: Optional[float]` Maximum temperature of the component (degrees Celsius) - `tunnels: Optional[List[Tunnel]]` - `health_state: str` Name of tunnel health state (unknown, healthy, degraded, down) - `health_value: float` Numeric value associated with tunnel state (0 = unknown, 1 = healthy, 2 = degraded, 3 = down) - `interface_name: str` The tunnel interface name (i.e. xfrm1, xfrm3.99, etc.) - `tunnel_id: str` Tunnel identifier - `probed_mtu: Optional[float]` MTU as measured between the two ends of the tunnel - `recent_healthy_pings: Optional[float]` Number of recent healthy pings for this tunnel - `recent_unhealthy_pings: Optional[float]` Number of recent unhealthy pings for this tunnel - `uptime_idle_ms: Optional[float]` Sum of how much time each core has spent idle - `uptime_total_ms: Optional[float]` Uptime of the system, including time spent in suspend # Latest ## Get latest Snapshots `magic_transit.connectors.snapshots.latest.list(strconnector_id, LatestListParams**kwargs) -> LatestListResponse` **get** `/accounts/{account_id}/magic/connectors/{connector_id}/telemetry/snapshots/latest` Get latest Snapshots ### Parameters - `account_id: str` Account identifier - `connector_id: str` ### Returns - `class LatestListResponse: …` - `count: float` - `items: List[Item]` - `count_reclaim_failures: float` Count of failures to reclaim space - `count_reclaimed_paths: float` Count of reclaimed paths - `count_record_failed: float` Count of failed snapshot recordings - `count_transmit_failures: float` Count of failed snapshot transmissions - `t: float` Time the Snapshot was recorded (seconds since the Unix epoch) - `v: str` Version - `bonds: Optional[List[ItemBond]]` - `name: str` Name of the network interface - `status: str` Current status of the network interface - `cpu_count: Optional[float]` Count of processors/cores - `cpu_pressure_10s: Optional[float]` Percentage of time over a 10 second window that tasks were stalled - `cpu_pressure_300s: Optional[float]` Percentage of time over a 5 minute window that tasks were stalled - `cpu_pressure_60s: Optional[float]` Percentage of time over a 1 minute window that tasks were stalled - `cpu_pressure_total_us: Optional[float]` Total stall time (microseconds) - `cpu_time_guest_ms: Optional[float]` Time spent running a virtual CPU or guest OS (milliseconds) - `cpu_time_guest_nice_ms: Optional[float]` Time spent running a niced guest (milliseconds) - `cpu_time_idle_ms: Optional[float]` Time spent in idle state (milliseconds) - `cpu_time_iowait_ms: Optional[float]` Time spent wait for I/O to complete (milliseconds) - `cpu_time_irq_ms: Optional[float]` Time spent servicing interrupts (milliseconds) - `cpu_time_nice_ms: Optional[float]` Time spent in low-priority user mode (milliseconds) - `cpu_time_softirq_ms: Optional[float]` Time spent servicing softirqs (milliseconds) - `cpu_time_steal_ms: Optional[float]` Time stolen (milliseconds) - `cpu_time_system_ms: Optional[float]` Time spent in system mode (milliseconds) - `cpu_time_user_ms: Optional[float]` Time spent in user mode (milliseconds) - `delta: Optional[float]` Number of network operations applied during state transition - `dhcp_leases: Optional[List[ItemDHCPLease]]` - `client_id: str` Client ID of the device the IP Address was leased to - `expiry_time: float` Expiry time of the DHCP lease (seconds since the Unix epoch) - `hostname: str` Hostname of the device the IP Address was leased to - `interface_name: str` Name of the network interface - `ip_address: str` IP Address that was leased - `mac_address: str` MAC Address of the device the IP Address was leased to - `disks: Optional[List[ItemDisk]]` - `in_progress: float` I/Os currently in progress - `major: float` Device major number - `merged: float` Reads merged - `minor: float` Device minor number - `name: str` Device name - `reads: float` Reads completed successfully - `sectors_read: float` Sectors read successfully - `sectors_written: float` Sectors written successfully - `time_in_progress_ms: float` Time spent doing I/Os (milliseconds) - `time_reading_ms: float` Time spent reading (milliseconds) - `time_writing_ms: float` Time spent writing (milliseconds) - `weighted_time_in_progress_ms: float` Weighted time spent doing I/Os (milliseconds) - `writes: float` Writes completed - `writes_merged: float` Writes merged - `discards: Optional[float]` Discards completed successfully - `discards_merged: Optional[float]` Discards merged - `flushes: Optional[float]` Flushes completed successfully - `sectors_discarded: Optional[float]` Sectors discarded - `time_discarding_ms: Optional[float]` Time spent discarding (milliseconds) - `time_flushing_ms: Optional[float]` Time spent flushing (milliseconds) - `epsilon: Optional[float]` Simulated number of network operations applied during state transition - `ha_state: Optional[str]` Name of high availability state - `ha_value: Optional[float]` Numeric value associated with high availability state (0 = disabled, 1 = active, 2 = standby, 3 = stopped, 4 = fault) - `interfaces: Optional[List[ItemInterface]]` - `name: str` Name of the network interface - `operstate: str` UP/DOWN state of the network interface - `ip_addresses: Optional[List[ItemInterfaceIPAddress]]` - `interface_name: str` Name of the network interface - `ip_address: str` IP address of the network interface - `speed: Optional[float]` Speed of the network interface (bits per second) - `io_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `io_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `io_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `io_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `io_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `io_pressure_some_300s: Optional[float]` Percentage of time over a 3 minute window that some tasks were stalled - `io_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `io_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `kernel_btime: Optional[float]` Boot time (seconds since Unix epoch) - `kernel_ctxt: Optional[float]` Number of context switches that the system underwent - `kernel_processes: Optional[float]` Number of forks since boot - `kernel_processes_blocked: Optional[float]` Number of processes blocked waiting for I/O - `kernel_processes_running: Optional[float]` Number of processes in runnable state - `load_average_15m: Optional[float]` The fifteen-minute load average - `load_average_1m: Optional[float]` The one-minute load average - `load_average_5m: Optional[float]` The five-minute load average - `load_average_cur: Optional[float]` Number of currently runnable kernel scheduling entities - `load_average_max: Optional[float]` Number of kernel scheduling entities that currently exist on the system - `memory_active_bytes: Optional[float]` Memory that has been used more recently - `memory_anon_hugepages_bytes: Optional[float]` Non-file backed huge pages mapped into user-space page tables - `memory_anon_pages_bytes: Optional[float]` Non-file backed pages mapped into user-space page tables - `memory_available_bytes: Optional[float]` Estimate of how much memory is available for starting new applications - `memory_bounce_bytes: Optional[float]` Memory used for block device bounce buffers - `memory_buffers_bytes: Optional[float]` Relatively temporary storage for raw disk blocks - `memory_cached_bytes: Optional[float]` In-memory cache for files read from the disk - `memory_cma_free_bytes: Optional[float]` Free CMA (Contiguous Memory Allocator) pages - `memory_cma_total_bytes: Optional[float]` Total CMA (Contiguous Memory Allocator) pages - `memory_commit_limit_bytes: Optional[float]` Total amount of memory currently available to be allocated on the system - `memory_committed_as_bytes: Optional[float]` Amount of memory presently allocated on the system - `memory_dirty_bytes: Optional[float]` Memory which is waiting to get written back to the disk - `memory_free_bytes: Optional[float]` The sum of LowFree and HighFree - `memory_high_free_bytes: Optional[float]` Amount of free highmem - `memory_high_total_bytes: Optional[float]` Total amount of highmem - `memory_hugepages_free: Optional[float]` The number of huge pages in the pool that are not yet allocated - `memory_hugepages_rsvd: Optional[float]` Number of huge pages for which a commitment has been made, but no allocation has yet been made - `memory_hugepages_surp: Optional[float]` Number of huge pages in the pool above the threshold - `memory_hugepages_total: Optional[float]` The size of the pool of huge pages - `memory_hugepagesize_bytes: Optional[float]` The size of huge pages - `memory_inactive_bytes: Optional[float]` Memory which has been less recently used - `memory_k_reclaimable_bytes: Optional[float]` Kernel allocations that the kernel will attempt to reclaim under memory pressure - `memory_kernel_stack_bytes: Optional[float]` Amount of memory allocated to kernel stacks - `memory_low_free_bytes: Optional[float]` Amount of free lowmem - `memory_low_total_bytes: Optional[float]` Total amount of lowmem - `memory_mapped_bytes: Optional[float]` Files which have been mapped into memory - `memory_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_per_cpu_bytes: Optional[float]` Memory allocated to the per-cpu alloctor used to back per-cpu allocations - `memory_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `memory_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `memory_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `memory_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `memory_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `memory_pressure_some_300s: Optional[float]` Percentage of time over a 5 minute window that some tasks were stalled - `memory_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `memory_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `memory_s_reclaimable_bytes: Optional[float]` Part of slab that can be reclaimed on memory pressure - `memory_s_unreclaim_bytes: Optional[float]` Part of slab that cannot be reclaimed on memory pressure - `memory_secondary_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_shmem_bytes: Optional[float]` Amount of memory consumed by tmpfs - `memory_shmem_hugepages_bytes: Optional[float]` Memory used by shmem and tmpfs, allocated with huge pages - `memory_shmem_pmd_mapped_bytes: Optional[float]` Shared memory mapped into user space with huge pages - `memory_slab_bytes: Optional[float]` In-kernel data structures cache - `memory_swap_cached_bytes: Optional[float]` Memory swapped out and back in while still in swap file - `memory_swap_free_bytes: Optional[float]` Amount of swap space that is currently unused - `memory_swap_total_bytes: Optional[float]` Total amount of swap space available - `memory_total_bytes: Optional[float]` Total usable RAM - `memory_vmalloc_chunk_bytes: Optional[float]` Largest contiguous block of vmalloc area which is free - `memory_vmalloc_total_bytes: Optional[float]` Total size of vmalloc memory area - `memory_vmalloc_used_bytes: Optional[float]` Amount of vmalloc area which is used - `memory_writeback_bytes: Optional[float]` Memory which is actively being written back to the disk - `memory_writeback_tmp_bytes: Optional[float]` Memory used by FUSE for temporary writeback buffers - `memory_z_swap_bytes: Optional[float]` Memory consumed by the zswap backend, compressed - `memory_z_swapped_bytes: Optional[float]` Amount of anonymous memory stored in zswap, uncompressed - `mounts: Optional[List[ItemMount]]` - `file_system: str` File system on disk (EXT4, NTFS, etc.) - `kind: str` Kind of disk (HDD, SSD, etc.) - `mount_point: str` Path where disk is mounted - `name: str` Name of the disk mount - `available_bytes: Optional[float]` Available disk size (bytes) - `is_read_only: Optional[bool]` Determines whether the disk is read-only - `is_removable: Optional[bool]` Determines whether the disk is removable - `total_bytes: Optional[float]` Total disk size (bytes) - `netdevs: Optional[List[ItemNetdev]]` - `name: str` Name of the network device - `recv_bytes: float` Total bytes received - `recv_compressed: float` Compressed packets received - `recv_drop: float` Packets dropped - `recv_errs: float` Bad packets received - `recv_fifo: float` FIFO overruns - `recv_frame: float` Frame alignment errors - `recv_multicast: float` Multicast packets received - `recv_packets: float` Total packets received - `sent_bytes: float` Total bytes transmitted - `sent_carrier: float` Number of packets not sent due to carrier errors - `sent_colls: float` Number of collisions - `sent_compressed: float` Number of compressed packets transmitted - `sent_drop: float` Number of packets dropped during transmission - `sent_errs: float` Number of transmission errors - `sent_fifo: float` FIFO overruns - `sent_packets: float` Total packets transmitted - `snmp_icmp_in_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages received - `snmp_icmp_in_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_csum_errors: Optional[float]` Number of ICMP messages received with bad checksums - `snmp_icmp_in_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages received - `snmp_icmp_in_echo_reps: Optional[float]` Number of ICMP Echo Reply messages received - `snmp_icmp_in_echos: Optional[float]` Number of ICMP Echo (request) messages received - `snmp_icmp_in_errors: Optional[float]` Number of ICMP messages received with ICMP-specific errors - `snmp_icmp_in_msgs: Optional[float]` Number of ICMP messages received - `snmp_icmp_in_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages received - `snmp_icmp_in_redirects: Optional[float]` Number of ICMP Redirect messages received - `snmp_icmp_in_src_quenchs: Optional[float]` Number of ICMP Source Quench messages received - `snmp_icmp_in_time_excds: Optional[float]` Number of ICMP Time Exceeded messages received - `snmp_icmp_in_timestamp_reps: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages received - `snmp_icmp_out_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages sent - `snmp_icmp_out_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages sent - `snmp_icmp_out_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages sent - `snmp_icmp_out_echo_reps: Optional[float]` Number of ICMP Echo Reply messages sent - `snmp_icmp_out_echos: Optional[float]` Number of ICMP Echo (request) messages sent - `snmp_icmp_out_errors: Optional[float]` Number of ICMP messages which this entity did not send due to ICMP-specific errors - `snmp_icmp_out_msgs: Optional[float]` Number of ICMP messages attempted to send - `snmp_icmp_out_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages sent - `snmp_icmp_out_redirects: Optional[float]` Number of ICMP Redirect messages sent - `snmp_icmp_out_src_quenchs: Optional[float]` Number of ICMP Source Quench messages sent - `snmp_icmp_out_time_excds: Optional[float]` Number of ICMP Time Exceeded messages sent - `snmp_icmp_out_timestamp_reps: Optional[float]` Number of ICMP Timestamp Reply messages sent - `snmp_icmp_out_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages sent - `snmp_ip_default_ttl: Optional[float]` Default value of the Time-To-Live field of the IP header - `snmp_ip_forw_datagrams: Optional[float]` Number of datagrams forwarded to their final destination - `snmp_ip_forwarding_enabled: Optional[bool]` Set when acting as an IP gateway - `snmp_ip_frag_creates: Optional[float]` Number of datagrams generated by fragmentation - `snmp_ip_frag_fails: Optional[float]` Number of datagrams discarded because fragmentation failed - `snmp_ip_frag_oks: Optional[float]` Number of datagrams successfully fragmented - `snmp_ip_in_addr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP address - `snmp_ip_in_delivers: Optional[float]` Number of input datagrams successfully delivered to IP user-protocols - `snmp_ip_in_discards: Optional[float]` Number of input datagrams otherwise discarded - `snmp_ip_in_hdr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP header - `snmp_ip_in_receives: Optional[float]` Number of input datagrams received from interfaces - `snmp_ip_in_unknown_protos: Optional[float]` Number of input datagrams discarded due unknown or unsupported protocol - `snmp_ip_out_discards: Optional[float]` Number of output datagrams otherwise discarded - `snmp_ip_out_no_routes: Optional[float]` Number of output datagrams discarded because no route matched - `snmp_ip_out_requests: Optional[float]` Number of datagrams supplied for transmission - `snmp_ip_reasm_fails: Optional[float]` Number of failures detected by the reassembly algorithm - `snmp_ip_reasm_oks: Optional[float]` Number of datagrams successfully reassembled - `snmp_ip_reasm_reqds: Optional[float]` Number of fragments received which needed to be reassembled - `snmp_ip_reasm_timeout: Optional[float]` Number of seconds fragments are held while awaiting reassembly - `snmp_tcp_active_opens: Optional[float]` Number of times TCP transitions to SYN-SENT from CLOSED - `snmp_tcp_attempt_fails: Optional[float]` Number of times TCP transitions to CLOSED from SYN-SENT or SYN-RCVD, plus transitions to LISTEN from SYN-RCVD - `snmp_tcp_curr_estab: Optional[float]` Number of TCP connections in ESTABLISHED or CLOSE-WAIT - `snmp_tcp_estab_resets: Optional[float]` Number of times TCP transitions to CLOSED from ESTABLISHED or CLOSE-WAIT - `snmp_tcp_in_csum_errors: Optional[float]` Number of TCP segments received with checksum errors - `snmp_tcp_in_errs: Optional[float]` Number of TCP segments received in error - `snmp_tcp_in_segs: Optional[float]` Number of TCP segments received - `snmp_tcp_max_conn: Optional[float]` Limit on the total number of TCP connections - `snmp_tcp_out_rsts: Optional[float]` Number of TCP segments sent with RST flag - `snmp_tcp_out_segs: Optional[float]` Number of TCP segments sent - `snmp_tcp_passive_opens: Optional[float]` Number of times TCP transitions to SYN-RCVD from LISTEN - `snmp_tcp_retrans_segs: Optional[float]` Number of TCP segments retransmitted - `snmp_tcp_rto_max: Optional[float]` Maximum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_tcp_rto_min: Optional[float]` Minimum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_udp_in_datagrams: Optional[float]` Number of UDP datagrams delivered to UDP applications - `snmp_udp_in_errors: Optional[float]` Number of UDP datagrams failed to be delivered for reasons other than lack of application at the destination port - `snmp_udp_no_ports: Optional[float]` Number of UDP datagrams received for which there was not application at the destination port - `snmp_udp_out_datagrams: Optional[float]` Number of UDP datagrams sent - `system_boot_time_s: Optional[float]` Boottime of the system (seconds since the Unix epoch) - `thermals: Optional[List[ItemThermal]]` - `label: str` Sensor identifier for the component - `critical_celcius: Optional[float]` Critical failure temperature of the component (degrees Celsius) - `current_celcius: Optional[float]` Current temperature of the component (degrees Celsius) - `max_celcius: Optional[float]` Maximum temperature of the component (degrees Celsius) - `tunnels: Optional[List[ItemTunnel]]` - `health_state: str` Name of tunnel health state (unknown, healthy, degraded, down) - `health_value: float` Numeric value associated with tunnel state (0 = unknown, 1 = healthy, 2 = degraded, 3 = down) - `interface_name: str` The tunnel interface name (i.e. xfrm1, xfrm3.99, etc.) - `tunnel_id: str` Tunnel identifier - `probed_mtu: Optional[float]` MTU as measured between the two ends of the tunnel - `recent_healthy_pings: Optional[float]` Number of recent healthy pings for this tunnel - `recent_unhealthy_pings: Optional[float]` Number of recent unhealthy pings for this tunnel - `uptime_idle_ms: Optional[float]` Sum of how much time each core has spent idle - `uptime_total_ms: Optional[float]` Uptime of the system, including time spent in suspend ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) latests = client.magic_transit.connectors.snapshots.latest.list( connector_id="connector_id", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(latests.count) ``` #### Response ```json { "result": { "count": 0, "items": [ { "count_reclaim_failures": 0, "count_reclaimed_paths": 0, "count_record_failed": 0, "count_transmit_failures": 0, "t": 0, "v": "v", "bonds": [ { "name": "name", "status": "status" } ], "cpu_count": 0, "cpu_pressure_10s": 0, "cpu_pressure_300s": 0, "cpu_pressure_60s": 0, "cpu_pressure_total_us": 0, "cpu_time_guest_ms": 0, "cpu_time_guest_nice_ms": 0, "cpu_time_idle_ms": 0, "cpu_time_iowait_ms": 0, "cpu_time_irq_ms": 0, "cpu_time_nice_ms": 0, "cpu_time_softirq_ms": 0, "cpu_time_steal_ms": 0, "cpu_time_system_ms": 0, "cpu_time_user_ms": 0, "delta": 0, "dhcp_leases": [ { "client_id": "client_id", "expiry_time": 0, "hostname": "hostname", "interface_name": "interface_name", "ip_address": "ip_address", "mac_address": "mac_address" } ], "disks": [ { "in_progress": 0, "major": 0, "merged": 0, "minor": 0, "name": "name", "reads": 0, "sectors_read": 0, "sectors_written": 0, "time_in_progress_ms": 0, "time_reading_ms": 0, "time_writing_ms": 0, "weighted_time_in_progress_ms": 0, "writes": 0, "writes_merged": 0, "discards": 0, "discards_merged": 0, "flushes": 0, "sectors_discarded": 0, "time_discarding_ms": 0, "time_flushing_ms": 0 } ], "epsilon": 0, "ha_state": "ha_state", "ha_value": 0, "interfaces": [ { "name": "name", "operstate": "operstate", "ip_addresses": [ { "interface_name": "interface_name", "ip_address": "ip_address" } ], "speed": 0 } ], "io_pressure_full_10s": 0, "io_pressure_full_300s": 0, "io_pressure_full_60s": 0, "io_pressure_full_total_us": 0, "io_pressure_some_10s": 0, "io_pressure_some_300s": 0, "io_pressure_some_60s": 0, "io_pressure_some_total_us": 0, "kernel_btime": 0, "kernel_ctxt": 0, "kernel_processes": 0, "kernel_processes_blocked": 0, "kernel_processes_running": 0, "load_average_15m": 0, "load_average_1m": 0, "load_average_5m": 0, "load_average_cur": 0, "load_average_max": 0, "memory_active_bytes": 0, "memory_anon_hugepages_bytes": 0, "memory_anon_pages_bytes": 0, "memory_available_bytes": 0, "memory_bounce_bytes": 0, "memory_buffers_bytes": 0, "memory_cached_bytes": 0, "memory_cma_free_bytes": 0, "memory_cma_total_bytes": 0, "memory_commit_limit_bytes": 0, "memory_committed_as_bytes": 0, "memory_dirty_bytes": 0, "memory_free_bytes": 0, "memory_high_free_bytes": 0, "memory_high_total_bytes": 0, "memory_hugepages_free": 0, "memory_hugepages_rsvd": 0, "memory_hugepages_surp": 0, "memory_hugepages_total": 0, "memory_hugepagesize_bytes": 0, "memory_inactive_bytes": 0, "memory_k_reclaimable_bytes": 0, "memory_kernel_stack_bytes": 0, "memory_low_free_bytes": 0, "memory_low_total_bytes": 0, "memory_mapped_bytes": 0, "memory_page_tables_bytes": 0, "memory_per_cpu_bytes": 0, "memory_pressure_full_10s": 0, "memory_pressure_full_300s": 0, "memory_pressure_full_60s": 0, "memory_pressure_full_total_us": 0, "memory_pressure_some_10s": 0, "memory_pressure_some_300s": 0, "memory_pressure_some_60s": 0, "memory_pressure_some_total_us": 0, "memory_s_reclaimable_bytes": 0, "memory_s_unreclaim_bytes": 0, "memory_secondary_page_tables_bytes": 0, "memory_shmem_bytes": 0, "memory_shmem_hugepages_bytes": 0, "memory_shmem_pmd_mapped_bytes": 0, "memory_slab_bytes": 0, "memory_swap_cached_bytes": 0, "memory_swap_free_bytes": 0, "memory_swap_total_bytes": 0, "memory_total_bytes": 0, "memory_vmalloc_chunk_bytes": 0, "memory_vmalloc_total_bytes": 0, "memory_vmalloc_used_bytes": 0, "memory_writeback_bytes": 0, "memory_writeback_tmp_bytes": 0, "memory_z_swap_bytes": 0, "memory_z_swapped_bytes": 0, "mounts": [ { "file_system": "file_system", "kind": "kind", "mount_point": "mount_point", "name": "name", "available_bytes": 0, "is_read_only": true, "is_removable": true, "total_bytes": 0 } ], "netdevs": [ { "name": "name", "recv_bytes": 0, "recv_compressed": 0, "recv_drop": 0, "recv_errs": 0, "recv_fifo": 0, "recv_frame": 0, "recv_multicast": 0, "recv_packets": 0, "sent_bytes": 0, "sent_carrier": 0, "sent_colls": 0, "sent_compressed": 0, "sent_drop": 0, "sent_errs": 0, "sent_fifo": 0, "sent_packets": 0 } ], "snmp_icmp_in_addr_mask_reps": 0, "snmp_icmp_in_addr_masks": 0, "snmp_icmp_in_csum_errors": 0, "snmp_icmp_in_dest_unreachs": 0, "snmp_icmp_in_echo_reps": 0, "snmp_icmp_in_echos": 0, "snmp_icmp_in_errors": 0, "snmp_icmp_in_msgs": 0, "snmp_icmp_in_parm_probs": 0, "snmp_icmp_in_redirects": 0, "snmp_icmp_in_src_quenchs": 0, "snmp_icmp_in_time_excds": 0, "snmp_icmp_in_timestamp_reps": 0, "snmp_icmp_in_timestamps": 0, "snmp_icmp_out_addr_mask_reps": 0, "snmp_icmp_out_addr_masks": 0, "snmp_icmp_out_dest_unreachs": 0, "snmp_icmp_out_echo_reps": 0, "snmp_icmp_out_echos": 0, "snmp_icmp_out_errors": 0, "snmp_icmp_out_msgs": 0, "snmp_icmp_out_parm_probs": 0, "snmp_icmp_out_redirects": 0, "snmp_icmp_out_src_quenchs": 0, "snmp_icmp_out_time_excds": 0, "snmp_icmp_out_timestamp_reps": 0, "snmp_icmp_out_timestamps": 0, "snmp_ip_default_ttl": 0, "snmp_ip_forw_datagrams": 0, "snmp_ip_forwarding_enabled": true, "snmp_ip_frag_creates": 0, "snmp_ip_frag_fails": 0, "snmp_ip_frag_oks": 0, "snmp_ip_in_addr_errors": 0, "snmp_ip_in_delivers": 0, "snmp_ip_in_discards": 0, "snmp_ip_in_hdr_errors": 0, "snmp_ip_in_receives": 0, "snmp_ip_in_unknown_protos": 0, "snmp_ip_out_discards": 0, "snmp_ip_out_no_routes": 0, "snmp_ip_out_requests": 0, "snmp_ip_reasm_fails": 0, "snmp_ip_reasm_oks": 0, "snmp_ip_reasm_reqds": 0, "snmp_ip_reasm_timeout": 0, "snmp_tcp_active_opens": 0, "snmp_tcp_attempt_fails": 0, "snmp_tcp_curr_estab": 0, "snmp_tcp_estab_resets": 0, "snmp_tcp_in_csum_errors": 0, "snmp_tcp_in_errs": 0, "snmp_tcp_in_segs": 0, "snmp_tcp_max_conn": 0, "snmp_tcp_out_rsts": 0, "snmp_tcp_out_segs": 0, "snmp_tcp_passive_opens": 0, "snmp_tcp_retrans_segs": 0, "snmp_tcp_rto_max": 0, "snmp_tcp_rto_min": 0, "snmp_udp_in_datagrams": 0, "snmp_udp_in_errors": 0, "snmp_udp_no_ports": 0, "snmp_udp_out_datagrams": 0, "system_boot_time_s": 0, "thermals": [ { "label": "label", "critical_celcius": 0, "current_celcius": 0, "max_celcius": 0 } ], "tunnels": [ { "health_state": "health_state", "health_value": 0, "interface_name": "interface_name", "tunnel_id": "tunnel_id", "probed_mtu": 0, "recent_healthy_pings": 0, "recent_unhealthy_pings": 0 } ], "uptime_idle_ms": 0, "uptime_total_ms": 0 } ] }, "success": true, "errors": [ { "code": 0, "message": "message" } ], "messages": [ { "code": 0, "message": "message" } ] } ``` ## Domain Types ### Latest List Response - `class LatestListResponse: …` - `count: float` - `items: List[Item]` - `count_reclaim_failures: float` Count of failures to reclaim space - `count_reclaimed_paths: float` Count of reclaimed paths - `count_record_failed: float` Count of failed snapshot recordings - `count_transmit_failures: float` Count of failed snapshot transmissions - `t: float` Time the Snapshot was recorded (seconds since the Unix epoch) - `v: str` Version - `bonds: Optional[List[ItemBond]]` - `name: str` Name of the network interface - `status: str` Current status of the network interface - `cpu_count: Optional[float]` Count of processors/cores - `cpu_pressure_10s: Optional[float]` Percentage of time over a 10 second window that tasks were stalled - `cpu_pressure_300s: Optional[float]` Percentage of time over a 5 minute window that tasks were stalled - `cpu_pressure_60s: Optional[float]` Percentage of time over a 1 minute window that tasks were stalled - `cpu_pressure_total_us: Optional[float]` Total stall time (microseconds) - `cpu_time_guest_ms: Optional[float]` Time spent running a virtual CPU or guest OS (milliseconds) - `cpu_time_guest_nice_ms: Optional[float]` Time spent running a niced guest (milliseconds) - `cpu_time_idle_ms: Optional[float]` Time spent in idle state (milliseconds) - `cpu_time_iowait_ms: Optional[float]` Time spent wait for I/O to complete (milliseconds) - `cpu_time_irq_ms: Optional[float]` Time spent servicing interrupts (milliseconds) - `cpu_time_nice_ms: Optional[float]` Time spent in low-priority user mode (milliseconds) - `cpu_time_softirq_ms: Optional[float]` Time spent servicing softirqs (milliseconds) - `cpu_time_steal_ms: Optional[float]` Time stolen (milliseconds) - `cpu_time_system_ms: Optional[float]` Time spent in system mode (milliseconds) - `cpu_time_user_ms: Optional[float]` Time spent in user mode (milliseconds) - `delta: Optional[float]` Number of network operations applied during state transition - `dhcp_leases: Optional[List[ItemDHCPLease]]` - `client_id: str` Client ID of the device the IP Address was leased to - `expiry_time: float` Expiry time of the DHCP lease (seconds since the Unix epoch) - `hostname: str` Hostname of the device the IP Address was leased to - `interface_name: str` Name of the network interface - `ip_address: str` IP Address that was leased - `mac_address: str` MAC Address of the device the IP Address was leased to - `disks: Optional[List[ItemDisk]]` - `in_progress: float` I/Os currently in progress - `major: float` Device major number - `merged: float` Reads merged - `minor: float` Device minor number - `name: str` Device name - `reads: float` Reads completed successfully - `sectors_read: float` Sectors read successfully - `sectors_written: float` Sectors written successfully - `time_in_progress_ms: float` Time spent doing I/Os (milliseconds) - `time_reading_ms: float` Time spent reading (milliseconds) - `time_writing_ms: float` Time spent writing (milliseconds) - `weighted_time_in_progress_ms: float` Weighted time spent doing I/Os (milliseconds) - `writes: float` Writes completed - `writes_merged: float` Writes merged - `discards: Optional[float]` Discards completed successfully - `discards_merged: Optional[float]` Discards merged - `flushes: Optional[float]` Flushes completed successfully - `sectors_discarded: Optional[float]` Sectors discarded - `time_discarding_ms: Optional[float]` Time spent discarding (milliseconds) - `time_flushing_ms: Optional[float]` Time spent flushing (milliseconds) - `epsilon: Optional[float]` Simulated number of network operations applied during state transition - `ha_state: Optional[str]` Name of high availability state - `ha_value: Optional[float]` Numeric value associated with high availability state (0 = disabled, 1 = active, 2 = standby, 3 = stopped, 4 = fault) - `interfaces: Optional[List[ItemInterface]]` - `name: str` Name of the network interface - `operstate: str` UP/DOWN state of the network interface - `ip_addresses: Optional[List[ItemInterfaceIPAddress]]` - `interface_name: str` Name of the network interface - `ip_address: str` IP address of the network interface - `speed: Optional[float]` Speed of the network interface (bits per second) - `io_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `io_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `io_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `io_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `io_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `io_pressure_some_300s: Optional[float]` Percentage of time over a 3 minute window that some tasks were stalled - `io_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `io_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `kernel_btime: Optional[float]` Boot time (seconds since Unix epoch) - `kernel_ctxt: Optional[float]` Number of context switches that the system underwent - `kernel_processes: Optional[float]` Number of forks since boot - `kernel_processes_blocked: Optional[float]` Number of processes blocked waiting for I/O - `kernel_processes_running: Optional[float]` Number of processes in runnable state - `load_average_15m: Optional[float]` The fifteen-minute load average - `load_average_1m: Optional[float]` The one-minute load average - `load_average_5m: Optional[float]` The five-minute load average - `load_average_cur: Optional[float]` Number of currently runnable kernel scheduling entities - `load_average_max: Optional[float]` Number of kernel scheduling entities that currently exist on the system - `memory_active_bytes: Optional[float]` Memory that has been used more recently - `memory_anon_hugepages_bytes: Optional[float]` Non-file backed huge pages mapped into user-space page tables - `memory_anon_pages_bytes: Optional[float]` Non-file backed pages mapped into user-space page tables - `memory_available_bytes: Optional[float]` Estimate of how much memory is available for starting new applications - `memory_bounce_bytes: Optional[float]` Memory used for block device bounce buffers - `memory_buffers_bytes: Optional[float]` Relatively temporary storage for raw disk blocks - `memory_cached_bytes: Optional[float]` In-memory cache for files read from the disk - `memory_cma_free_bytes: Optional[float]` Free CMA (Contiguous Memory Allocator) pages - `memory_cma_total_bytes: Optional[float]` Total CMA (Contiguous Memory Allocator) pages - `memory_commit_limit_bytes: Optional[float]` Total amount of memory currently available to be allocated on the system - `memory_committed_as_bytes: Optional[float]` Amount of memory presently allocated on the system - `memory_dirty_bytes: Optional[float]` Memory which is waiting to get written back to the disk - `memory_free_bytes: Optional[float]` The sum of LowFree and HighFree - `memory_high_free_bytes: Optional[float]` Amount of free highmem - `memory_high_total_bytes: Optional[float]` Total amount of highmem - `memory_hugepages_free: Optional[float]` The number of huge pages in the pool that are not yet allocated - `memory_hugepages_rsvd: Optional[float]` Number of huge pages for which a commitment has been made, but no allocation has yet been made - `memory_hugepages_surp: Optional[float]` Number of huge pages in the pool above the threshold - `memory_hugepages_total: Optional[float]` The size of the pool of huge pages - `memory_hugepagesize_bytes: Optional[float]` The size of huge pages - `memory_inactive_bytes: Optional[float]` Memory which has been less recently used - `memory_k_reclaimable_bytes: Optional[float]` Kernel allocations that the kernel will attempt to reclaim under memory pressure - `memory_kernel_stack_bytes: Optional[float]` Amount of memory allocated to kernel stacks - `memory_low_free_bytes: Optional[float]` Amount of free lowmem - `memory_low_total_bytes: Optional[float]` Total amount of lowmem - `memory_mapped_bytes: Optional[float]` Files which have been mapped into memory - `memory_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_per_cpu_bytes: Optional[float]` Memory allocated to the per-cpu alloctor used to back per-cpu allocations - `memory_pressure_full_10s: Optional[float]` Percentage of time over a 10 second window that all tasks were stalled - `memory_pressure_full_300s: Optional[float]` Percentage of time over a 5 minute window that all tasks were stalled - `memory_pressure_full_60s: Optional[float]` Percentage of time over a 1 minute window that all tasks were stalled - `memory_pressure_full_total_us: Optional[float]` Total stall time (microseconds) - `memory_pressure_some_10s: Optional[float]` Percentage of time over a 10 second window that some tasks were stalled - `memory_pressure_some_300s: Optional[float]` Percentage of time over a 5 minute window that some tasks were stalled - `memory_pressure_some_60s: Optional[float]` Percentage of time over a 1 minute window that some tasks were stalled - `memory_pressure_some_total_us: Optional[float]` Total stall time (microseconds) - `memory_s_reclaimable_bytes: Optional[float]` Part of slab that can be reclaimed on memory pressure - `memory_s_unreclaim_bytes: Optional[float]` Part of slab that cannot be reclaimed on memory pressure - `memory_secondary_page_tables_bytes: Optional[float]` Amount of memory dedicated to the lowest level of page tables - `memory_shmem_bytes: Optional[float]` Amount of memory consumed by tmpfs - `memory_shmem_hugepages_bytes: Optional[float]` Memory used by shmem and tmpfs, allocated with huge pages - `memory_shmem_pmd_mapped_bytes: Optional[float]` Shared memory mapped into user space with huge pages - `memory_slab_bytes: Optional[float]` In-kernel data structures cache - `memory_swap_cached_bytes: Optional[float]` Memory swapped out and back in while still in swap file - `memory_swap_free_bytes: Optional[float]` Amount of swap space that is currently unused - `memory_swap_total_bytes: Optional[float]` Total amount of swap space available - `memory_total_bytes: Optional[float]` Total usable RAM - `memory_vmalloc_chunk_bytes: Optional[float]` Largest contiguous block of vmalloc area which is free - `memory_vmalloc_total_bytes: Optional[float]` Total size of vmalloc memory area - `memory_vmalloc_used_bytes: Optional[float]` Amount of vmalloc area which is used - `memory_writeback_bytes: Optional[float]` Memory which is actively being written back to the disk - `memory_writeback_tmp_bytes: Optional[float]` Memory used by FUSE for temporary writeback buffers - `memory_z_swap_bytes: Optional[float]` Memory consumed by the zswap backend, compressed - `memory_z_swapped_bytes: Optional[float]` Amount of anonymous memory stored in zswap, uncompressed - `mounts: Optional[List[ItemMount]]` - `file_system: str` File system on disk (EXT4, NTFS, etc.) - `kind: str` Kind of disk (HDD, SSD, etc.) - `mount_point: str` Path where disk is mounted - `name: str` Name of the disk mount - `available_bytes: Optional[float]` Available disk size (bytes) - `is_read_only: Optional[bool]` Determines whether the disk is read-only - `is_removable: Optional[bool]` Determines whether the disk is removable - `total_bytes: Optional[float]` Total disk size (bytes) - `netdevs: Optional[List[ItemNetdev]]` - `name: str` Name of the network device - `recv_bytes: float` Total bytes received - `recv_compressed: float` Compressed packets received - `recv_drop: float` Packets dropped - `recv_errs: float` Bad packets received - `recv_fifo: float` FIFO overruns - `recv_frame: float` Frame alignment errors - `recv_multicast: float` Multicast packets received - `recv_packets: float` Total packets received - `sent_bytes: float` Total bytes transmitted - `sent_carrier: float` Number of packets not sent due to carrier errors - `sent_colls: float` Number of collisions - `sent_compressed: float` Number of compressed packets transmitted - `sent_drop: float` Number of packets dropped during transmission - `sent_errs: float` Number of transmission errors - `sent_fifo: float` FIFO overruns - `sent_packets: float` Total packets transmitted - `snmp_icmp_in_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages received - `snmp_icmp_in_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_csum_errors: Optional[float]` Number of ICMP messages received with bad checksums - `snmp_icmp_in_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages received - `snmp_icmp_in_echo_reps: Optional[float]` Number of ICMP Echo Reply messages received - `snmp_icmp_in_echos: Optional[float]` Number of ICMP Echo (request) messages received - `snmp_icmp_in_errors: Optional[float]` Number of ICMP messages received with ICMP-specific errors - `snmp_icmp_in_msgs: Optional[float]` Number of ICMP messages received - `snmp_icmp_in_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages received - `snmp_icmp_in_redirects: Optional[float]` Number of ICMP Redirect messages received - `snmp_icmp_in_src_quenchs: Optional[float]` Number of ICMP Source Quench messages received - `snmp_icmp_in_time_excds: Optional[float]` Number of ICMP Time Exceeded messages received - `snmp_icmp_in_timestamp_reps: Optional[float]` Number of ICMP Address Mask Request messages received - `snmp_icmp_in_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages received - `snmp_icmp_out_addr_mask_reps: Optional[float]` Number of ICMP Address Mask Reply messages sent - `snmp_icmp_out_addr_masks: Optional[float]` Number of ICMP Address Mask Request messages sent - `snmp_icmp_out_dest_unreachs: Optional[float]` Number of ICMP Destination Unreachable messages sent - `snmp_icmp_out_echo_reps: Optional[float]` Number of ICMP Echo Reply messages sent - `snmp_icmp_out_echos: Optional[float]` Number of ICMP Echo (request) messages sent - `snmp_icmp_out_errors: Optional[float]` Number of ICMP messages which this entity did not send due to ICMP-specific errors - `snmp_icmp_out_msgs: Optional[float]` Number of ICMP messages attempted to send - `snmp_icmp_out_parm_probs: Optional[float]` Number of ICMP Parameter Problem messages sent - `snmp_icmp_out_redirects: Optional[float]` Number of ICMP Redirect messages sent - `snmp_icmp_out_src_quenchs: Optional[float]` Number of ICMP Source Quench messages sent - `snmp_icmp_out_time_excds: Optional[float]` Number of ICMP Time Exceeded messages sent - `snmp_icmp_out_timestamp_reps: Optional[float]` Number of ICMP Timestamp Reply messages sent - `snmp_icmp_out_timestamps: Optional[float]` Number of ICMP Timestamp (request) messages sent - `snmp_ip_default_ttl: Optional[float]` Default value of the Time-To-Live field of the IP header - `snmp_ip_forw_datagrams: Optional[float]` Number of datagrams forwarded to their final destination - `snmp_ip_forwarding_enabled: Optional[bool]` Set when acting as an IP gateway - `snmp_ip_frag_creates: Optional[float]` Number of datagrams generated by fragmentation - `snmp_ip_frag_fails: Optional[float]` Number of datagrams discarded because fragmentation failed - `snmp_ip_frag_oks: Optional[float]` Number of datagrams successfully fragmented - `snmp_ip_in_addr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP address - `snmp_ip_in_delivers: Optional[float]` Number of input datagrams successfully delivered to IP user-protocols - `snmp_ip_in_discards: Optional[float]` Number of input datagrams otherwise discarded - `snmp_ip_in_hdr_errors: Optional[float]` Number of input datagrams discarded due to errors in the IP header - `snmp_ip_in_receives: Optional[float]` Number of input datagrams received from interfaces - `snmp_ip_in_unknown_protos: Optional[float]` Number of input datagrams discarded due unknown or unsupported protocol - `snmp_ip_out_discards: Optional[float]` Number of output datagrams otherwise discarded - `snmp_ip_out_no_routes: Optional[float]` Number of output datagrams discarded because no route matched - `snmp_ip_out_requests: Optional[float]` Number of datagrams supplied for transmission - `snmp_ip_reasm_fails: Optional[float]` Number of failures detected by the reassembly algorithm - `snmp_ip_reasm_oks: Optional[float]` Number of datagrams successfully reassembled - `snmp_ip_reasm_reqds: Optional[float]` Number of fragments received which needed to be reassembled - `snmp_ip_reasm_timeout: Optional[float]` Number of seconds fragments are held while awaiting reassembly - `snmp_tcp_active_opens: Optional[float]` Number of times TCP transitions to SYN-SENT from CLOSED - `snmp_tcp_attempt_fails: Optional[float]` Number of times TCP transitions to CLOSED from SYN-SENT or SYN-RCVD, plus transitions to LISTEN from SYN-RCVD - `snmp_tcp_curr_estab: Optional[float]` Number of TCP connections in ESTABLISHED or CLOSE-WAIT - `snmp_tcp_estab_resets: Optional[float]` Number of times TCP transitions to CLOSED from ESTABLISHED or CLOSE-WAIT - `snmp_tcp_in_csum_errors: Optional[float]` Number of TCP segments received with checksum errors - `snmp_tcp_in_errs: Optional[float]` Number of TCP segments received in error - `snmp_tcp_in_segs: Optional[float]` Number of TCP segments received - `snmp_tcp_max_conn: Optional[float]` Limit on the total number of TCP connections - `snmp_tcp_out_rsts: Optional[float]` Number of TCP segments sent with RST flag - `snmp_tcp_out_segs: Optional[float]` Number of TCP segments sent - `snmp_tcp_passive_opens: Optional[float]` Number of times TCP transitions to SYN-RCVD from LISTEN - `snmp_tcp_retrans_segs: Optional[float]` Number of TCP segments retransmitted - `snmp_tcp_rto_max: Optional[float]` Maximum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_tcp_rto_min: Optional[float]` Minimum value permitted by a TCP implementation for the retransmission timeout (milliseconds) - `snmp_udp_in_datagrams: Optional[float]` Number of UDP datagrams delivered to UDP applications - `snmp_udp_in_errors: Optional[float]` Number of UDP datagrams failed to be delivered for reasons other than lack of application at the destination port - `snmp_udp_no_ports: Optional[float]` Number of UDP datagrams received for which there was not application at the destination port - `snmp_udp_out_datagrams: Optional[float]` Number of UDP datagrams sent - `system_boot_time_s: Optional[float]` Boottime of the system (seconds since the Unix epoch) - `thermals: Optional[List[ItemThermal]]` - `label: str` Sensor identifier for the component - `critical_celcius: Optional[float]` Critical failure temperature of the component (degrees Celsius) - `current_celcius: Optional[float]` Current temperature of the component (degrees Celsius) - `max_celcius: Optional[float]` Maximum temperature of the component (degrees Celsius) - `tunnels: Optional[List[ItemTunnel]]` - `health_state: str` Name of tunnel health state (unknown, healthy, degraded, down) - `health_value: float` Numeric value associated with tunnel state (0 = unknown, 1 = healthy, 2 = degraded, 3 = down) - `interface_name: str` The tunnel interface name (i.e. xfrm1, xfrm3.99, etc.) - `tunnel_id: str` Tunnel identifier - `probed_mtu: Optional[float]` MTU as measured between the two ends of the tunnel - `recent_healthy_pings: Optional[float]` Number of recent healthy pings for this tunnel - `recent_unhealthy_pings: Optional[float]` Number of recent unhealthy pings for this tunnel - `uptime_idle_ms: Optional[float]` Sum of how much time each core has spent idle - `uptime_total_ms: Optional[float]` Uptime of the system, including time spent in suspend # PCAPs ## List packet capture requests `magic_transit.pcaps.list(PCAPListParams**kwargs) -> SyncSinglePage[PCAPListResponse]` **get** `/accounts/{account_id}/pcaps` Lists all packet capture requests for an account. ### Parameters - `account_id: str` Identifier. ### Returns - `PCAPListResponse` - `class PCAP: …` - `id: Optional[str]` The ID for the packet capture. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[datetime]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` - `class MagicVisibilityPCAPsPCAPsResponseFull: …` - `id: Optional[str]` The ID for the packet capture. - `byte_limit: Optional[float]` The maximum number of bytes to capture. This field only applies to `full` packet captures. - `colo_name: Optional[str]` The name of the data center used for the packet capture. This can be a specific colo (ord02) or a multi-colo name (ORD). This field only applies to `full` packet captures. - `destination_conf: Optional[str]` The full URI for the bucket. This field only applies to `full` packet captures. - `error_message: Optional[str]` An error message that describes why the packet capture failed. This field only applies to `full` packet captures. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `packets_captured: Optional[int]` The number of packets captured. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `stop_requested: Optional[datetime]` The RFC 3339 timestamp when stopping the packet capture was requested. This field only applies to `full` packet captures. - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.pcaps.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "66802ca5668e47a2b82c2e6746e45037", "filter_v1": { "destination_address": "1.2.3.4", "destination_port": 80, "protocol": 6, "source_address": "1.2.3.4", "source_port": 123 }, "offset_time": "2020-01-01T08:00:00Z", "status": "success", "submitted": "2020-01-01T08:00:00Z", "system": "magic-transit", "time_limit": 300, "type": "simple" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get PCAP request `magic_transit.pcaps.get(strpcap_id, PCAPGetParams**kwargs) -> PCAPGetResponse` **get** `/accounts/{account_id}/pcaps/{pcap_id}` Get information for a PCAP request by id. ### Parameters - `account_id: str` Identifier. - `pcap_id: str` Identifier. ### Returns - `PCAPGetResponse` - `class PCAP: …` - `id: Optional[str]` The ID for the packet capture. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[datetime]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` - `class MagicVisibilityPCAPsPCAPsResponseFull: …` - `id: Optional[str]` The ID for the packet capture. - `byte_limit: Optional[float]` The maximum number of bytes to capture. This field only applies to `full` packet captures. - `colo_name: Optional[str]` The name of the data center used for the packet capture. This can be a specific colo (ord02) or a multi-colo name (ORD). This field only applies to `full` packet captures. - `destination_conf: Optional[str]` The full URI for the bucket. This field only applies to `full` packet captures. - `error_message: Optional[str]` An error message that describes why the packet capture failed. This field only applies to `full` packet captures. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `packets_captured: Optional[int]` The number of packets captured. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `stop_requested: Optional[datetime]` The RFC 3339 timestamp when stopping the packet capture was requested. This field only applies to `full` packet captures. - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) pcap = client.magic_transit.pcaps.get( pcap_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(pcap) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "66802ca5668e47a2b82c2e6746e45037", "filter_v1": { "destination_address": "1.2.3.4", "destination_port": 80, "protocol": 6, "source_address": "1.2.3.4", "source_port": 123 }, "offset_time": "2020-01-01T08:00:00Z", "status": "success", "submitted": "2020-01-01T08:00:00Z", "system": "magic-transit", "time_limit": 300, "type": "simple" }, "success": true } ``` ## Create PCAP request `magic_transit.pcaps.create(PCAPCreateParams**kwargs) -> PCAPCreateResponse` **post** `/accounts/{account_id}/pcaps` Create new PCAP request for account. ### Parameters - `account_id: str` Identifier. - `packet_limit: float` The limit of packets contained in a packet capture. - `system: Literal["magic-transit"]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: float` The packet capture duration in seconds. - `type: Literal["simple", "full"]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` - `filter_v1: Optional[PCAPFilterParam]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[Union[str, datetime]]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. ### Returns - `PCAPCreateResponse` - `class PCAP: …` - `id: Optional[str]` The ID for the packet capture. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[datetime]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` - `class MagicVisibilityPCAPsPCAPsResponseFull: …` - `id: Optional[str]` The ID for the packet capture. - `byte_limit: Optional[float]` The maximum number of bytes to capture. This field only applies to `full` packet captures. - `colo_name: Optional[str]` The name of the data center used for the packet capture. This can be a specific colo (ord02) or a multi-colo name (ORD). This field only applies to `full` packet captures. - `destination_conf: Optional[str]` The full URI for the bucket. This field only applies to `full` packet captures. - `error_message: Optional[str]` An error message that describes why the packet capture failed. This field only applies to `full` packet captures. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `packets_captured: Optional[int]` The number of packets captured. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `stop_requested: Optional[datetime]` The RFC 3339 timestamp when stopping the packet capture was requested. This field only applies to `full` packet captures. - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) pcap = client.magic_transit.pcaps.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", packet_limit=10000, system="magic-transit", time_limit=300, type="simple", ) print(pcap) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "66802ca5668e47a2b82c2e6746e45037", "filter_v1": { "destination_address": "1.2.3.4", "destination_port": 80, "protocol": 6, "source_address": "1.2.3.4", "source_port": 123 }, "offset_time": "2020-01-01T08:00:00Z", "status": "success", "submitted": "2020-01-01T08:00:00Z", "system": "magic-transit", "time_limit": 300, "type": "simple" }, "success": true } ``` ## Stop full PCAP `magic_transit.pcaps.stop(strpcap_id, PCAPStopParams**kwargs)` **put** `/accounts/{account_id}/pcaps/{pcap_id}/stop` Stop full PCAP. ### Parameters - `account_id: str` Identifier. - `pcap_id: str` Identifier. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) client.magic_transit.pcaps.stop( pcap_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) ``` ## Domain Types ### PCAP - `class PCAP: …` - `id: Optional[str]` The ID for the packet capture. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[datetime]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` ### PCAP Filter - `class PCAPFilter: …` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. ### PCAP List Response - `PCAPListResponse` - `class PCAP: …` - `id: Optional[str]` The ID for the packet capture. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[datetime]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` - `class MagicVisibilityPCAPsPCAPsResponseFull: …` - `id: Optional[str]` The ID for the packet capture. - `byte_limit: Optional[float]` The maximum number of bytes to capture. This field only applies to `full` packet captures. - `colo_name: Optional[str]` The name of the data center used for the packet capture. This can be a specific colo (ord02) or a multi-colo name (ORD). This field only applies to `full` packet captures. - `destination_conf: Optional[str]` The full URI for the bucket. This field only applies to `full` packet captures. - `error_message: Optional[str]` An error message that describes why the packet capture failed. This field only applies to `full` packet captures. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `packets_captured: Optional[int]` The number of packets captured. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `stop_requested: Optional[datetime]` The RFC 3339 timestamp when stopping the packet capture was requested. This field only applies to `full` packet captures. - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` ### PCAP Get Response - `PCAPGetResponse` - `class PCAP: …` - `id: Optional[str]` The ID for the packet capture. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[datetime]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` - `class MagicVisibilityPCAPsPCAPsResponseFull: …` - `id: Optional[str]` The ID for the packet capture. - `byte_limit: Optional[float]` The maximum number of bytes to capture. This field only applies to `full` packet captures. - `colo_name: Optional[str]` The name of the data center used for the packet capture. This can be a specific colo (ord02) or a multi-colo name (ORD). This field only applies to `full` packet captures. - `destination_conf: Optional[str]` The full URI for the bucket. This field only applies to `full` packet captures. - `error_message: Optional[str]` An error message that describes why the packet capture failed. This field only applies to `full` packet captures. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `packets_captured: Optional[int]` The number of packets captured. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `stop_requested: Optional[datetime]` The RFC 3339 timestamp when stopping the packet capture was requested. This field only applies to `full` packet captures. - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` ### PCAP Create Response - `PCAPCreateResponse` - `class PCAP: …` - `id: Optional[str]` The ID for the packet capture. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `destination_address: Optional[str]` The destination IP address of the packet. - `destination_port: Optional[float]` The destination port of the packet. - `protocol: Optional[float]` The protocol number of the packet. - `source_address: Optional[str]` The source IP address of the packet. - `source_port: Optional[float]` The source port of the packet. - `offset_time: Optional[datetime]` The RFC 3339 offset timestamp from which to query backwards for packets. Must be within the last 24h. When this field is empty, defaults to time of request. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` - `class MagicVisibilityPCAPsPCAPsResponseFull: …` - `id: Optional[str]` The ID for the packet capture. - `byte_limit: Optional[float]` The maximum number of bytes to capture. This field only applies to `full` packet captures. - `colo_name: Optional[str]` The name of the data center used for the packet capture. This can be a specific colo (ord02) or a multi-colo name (ORD). This field only applies to `full` packet captures. - `destination_conf: Optional[str]` The full URI for the bucket. This field only applies to `full` packet captures. - `error_message: Optional[str]` An error message that describes why the packet capture failed. This field only applies to `full` packet captures. - `filter_v1: Optional[PCAPFilter]` The packet capture filter. When this field is empty, all packets are captured. - `packets_captured: Optional[int]` The number of packets captured. - `status: Optional[Literal["unknown", "success", "pending", 5 more]]` The status of the packet capture request. - `"unknown"` - `"success"` - `"pending"` - `"running"` - `"conversion_pending"` - `"conversion_running"` - `"complete"` - `"failed"` - `stop_requested: Optional[datetime]` The RFC 3339 timestamp when stopping the packet capture was requested. This field only applies to `full` packet captures. - `submitted: Optional[str]` The RFC 3339 timestamp when the packet capture was created. - `system: Optional[Literal["magic-transit"]]` The system used to collect packet captures. - `"magic-transit"` - `time_limit: Optional[float]` The packet capture duration in seconds. - `type: Optional[Literal["simple", "full"]]` The type of packet capture. `Simple` captures sampled packets, and `full` captures entire payloads and non-sampled packets. - `"simple"` - `"full"` # Ownership ## List PCAPs Bucket Ownership `magic_transit.pcaps.ownership.get(OwnershipGetParams**kwargs) -> SyncSinglePage[Ownership]` **get** `/accounts/{account_id}/pcaps/ownership` List all buckets configured for use with PCAPs API. ### Parameters - `account_id: str` Identifier. ### Returns - `class Ownership: …` - `id: str` The bucket ID associated with the packet captures API. - `destination_conf: str` The full URI for the bucket. This field only applies to `full` packet captures. - `filename: str` The ownership challenge filename stored in the bucket. - `status: Literal["pending", "success", "failed"]` The status of the ownership challenge. Can be pending, success or failed. - `"pending"` - `"success"` - `"failed"` - `submitted: str` The RFC 3339 timestamp when the bucket was added to packet captures API. - `validated: Optional[str]` The RFC 3339 timestamp when the bucket was validated. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.magic_transit.pcaps.ownership.get( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "9883874ecac311ec8475433579a6bf5f", "destination_conf": "s3://pcaps-bucket?region=us-east-1", "filename": "ownership-challenge-9883874ecac311ec8475433579a6bf5f.txt", "status": "success", "submitted": "2020-01-01T08:00:00Z", "validated": "2020-01-01T08:00:00Z" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Add buckets for full packet captures `magic_transit.pcaps.ownership.create(OwnershipCreateParams**kwargs) -> Ownership` **post** `/accounts/{account_id}/pcaps/ownership` Adds an AWS or GCP bucket to use with full packet captures. ### Parameters - `account_id: str` Identifier. - `destination_conf: str` The full URI for the bucket. This field only applies to `full` packet captures. ### Returns - `class Ownership: …` - `id: str` The bucket ID associated with the packet captures API. - `destination_conf: str` The full URI for the bucket. This field only applies to `full` packet captures. - `filename: str` The ownership challenge filename stored in the bucket. - `status: Literal["pending", "success", "failed"]` The status of the ownership challenge. Can be pending, success or failed. - `"pending"` - `"success"` - `"failed"` - `submitted: str` The RFC 3339 timestamp when the bucket was added to packet captures API. - `validated: Optional[str]` The RFC 3339 timestamp when the bucket was validated. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) ownership = client.magic_transit.pcaps.ownership.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", destination_conf="s3://pcaps-bucket?region=us-east-1", ) print(ownership.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "9883874ecac311ec8475433579a6bf5f", "destination_conf": "s3://pcaps-bucket?region=us-east-1", "filename": "ownership-challenge-9883874ecac311ec8475433579a6bf5f.txt", "status": "success", "submitted": "2020-01-01T08:00:00Z", "validated": "2020-01-01T08:00:00Z" }, "success": true } ``` ## Delete buckets for full packet captures `magic_transit.pcaps.ownership.delete(strownership_id, OwnershipDeleteParams**kwargs)` **delete** `/accounts/{account_id}/pcaps/ownership/{ownership_id}` Deletes buckets added to the packet captures API. ### Parameters - `account_id: str` Identifier. - `ownership_id: str` Identifier. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) client.magic_transit.pcaps.ownership.delete( ownership_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) ``` ## Validate buckets for full packet captures `magic_transit.pcaps.ownership.validate(OwnershipValidateParams**kwargs) -> Ownership` **post** `/accounts/{account_id}/pcaps/ownership/validate` Validates buckets added to the packet captures API. ### Parameters - `account_id: str` Identifier. - `destination_conf: str` The full URI for the bucket. This field only applies to `full` packet captures. - `ownership_challenge: str` The ownership challenge filename stored in the bucket. ### Returns - `class Ownership: …` - `id: str` The bucket ID associated with the packet captures API. - `destination_conf: str` The full URI for the bucket. This field only applies to `full` packet captures. - `filename: str` The ownership challenge filename stored in the bucket. - `status: Literal["pending", "success", "failed"]` The status of the ownership challenge. Can be pending, success or failed. - `"pending"` - `"success"` - `"failed"` - `submitted: str` The RFC 3339 timestamp when the bucket was added to packet captures API. - `validated: Optional[str]` The RFC 3339 timestamp when the bucket was validated. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) ownership = client.magic_transit.pcaps.ownership.validate( account_id="023e105f4ecef8ad9ca31a8372d0c353", destination_conf="s3://pcaps-bucket?region=us-east-1", ownership_challenge="ownership-challenge-9883874ecac311ec8475433579a6bf5f.txt", ) print(ownership.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "9883874ecac311ec8475433579a6bf5f", "destination_conf": "s3://pcaps-bucket?region=us-east-1", "filename": "ownership-challenge-9883874ecac311ec8475433579a6bf5f.txt", "status": "success", "submitted": "2020-01-01T08:00:00Z", "validated": "2020-01-01T08:00:00Z" }, "success": true } ``` ## Domain Types ### Ownership - `class Ownership: …` - `id: str` The bucket ID associated with the packet captures API. - `destination_conf: str` The full URI for the bucket. This field only applies to `full` packet captures. - `filename: str` The ownership challenge filename stored in the bucket. - `status: Literal["pending", "success", "failed"]` The status of the ownership challenge. Can be pending, success or failed. - `"pending"` - `"success"` - `"failed"` - `submitted: str` The RFC 3339 timestamp when the bucket was added to packet captures API. - `validated: Optional[str]` The RFC 3339 timestamp when the bucket was validated. # Download ## Download Simple PCAP `magic_transit.pcaps.download.get(strpcap_id, DownloadGetParams**kwargs) -> BinaryResponseContent` **get** `/accounts/{account_id}/pcaps/{pcap_id}/download` Download PCAP information into a file. Response is a binary PCAP file. ### Parameters - `account_id: str` Identifier. - `pcap_id: str` Identifier. ### Returns - `BinaryResponseContent` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) download = client.magic_transit.pcaps.download.get( pcap_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(download) content = download.read() print(content) ```