VMware vSphere SDKs and Tools 6.5

8.0 7.0 6.7 6.5

Create a Stand-Alone Virtual Disk with an Attached Storage Encryption Policy
Last Updated December 19, 2024

The following example shows how to format an XML string to specify an I/O filter policy for a virtual disk.
  • Verify that the name for the policy is user-friendly.
  • Verify that the ID string to identify the policy is unique. The ID must be unique among the set of policies known to SPBM.
The format is specific to the current version of the VMware Web Services API. This format might not be compatible with other API versions.
  1. Build the policy
    <capability>
     element, which specifies the filter. 
    <capability>
   <capabilityId>
      <id>vmwarevmcrypt@encryption</id>
      <namespace>IOFILTERS</namespace>
      <constraint></constraint>
   </capabilityId>
</capability>
  2. Wrap the
    <capability>
     element singly in a
    <subProfiles>
     element, adding the rule name. 
    <subProfiles>
   <capability>
      <capabilityId>
         <id>vmwarevmcrypt@encryption</id>
         <namespace>IOFILTERS</namespace>
         <constraint></constraint>
      </capabilityId>
   </capability>
   <name>Rule-Set 1: IOFILTERS</name>
</subProfiles>
  3. Wrap the
    <subProfiles>
     element singly in a
    <constraints>
     element. 
    <constraints>
  <subProfiles>
    <capability>
       <capabilityId>
          <id>vmwarevmcrypt@encryption</id>
          <namespace>IOFILTERS</namespace>
          <constraint></constraint>
       </capabilityId>
    </capability>
    <name>Rule-Set 1: IOFILTERS</name>
  </subProfiles>
</constraints>
  4. Append profile metadata, such as name and creation date. 
    <constraints>
  <subProfiles>
    <capability>
      <capabilityId>
        <id>vmwarevmcrypt@encryption</id>
        <namespace>IOFILTERS</namespace>
        <constraint></constraint>
      </capabilityId>
    </capability>
    <name>Rule-Set 1: IOFILTERS</name>
  </subProfiles>
</constraints>
<createdBy>client</createdBy>
<creationTime>1999-12-31T23:59:59Z</creationTime>
<lastUpdatedTime>1999-12-31T23:59:59Z</lastUpdatedTime>
<generationId>1</generationId>
<name>IOfilter-Encrypt</name>
  5. Wrap the
    <constraints>
     element and metadata in a
    <storageProfile>
     element, and prefix an XML header. 
    <?xml version='1.0' encoding='UTF-8'?>
<storageProfile xsi:type='StorageProfile'>
  <constraints>
    <subProfiles>
      <capability>
        <capabilityId>
          <id>vmwarevmcrypt@encryption</id>
          <namespace>IOFILTERS</namespace>
          <constraint></constraint>
        </capabilityId>
      </capability>
      <name>Rule-Set 1: IOFILTERS</name>
    </subProfiles>
  </constraints>
  <createdBy>client</createdBy>
  <creationTime>1999-12-31T23:59:59Z</creationTime>
  <lastUpdatedTime>1999-12-31T23:59:59Z</lastUpdatedTime>
  <generationId>1</generationId>
  <name>IOfilter-Encrypt</name>
  <profileId>I am Unique</profileId>
</storageProfile>
You can create a
ProfileSpec
 to contain the XML data. See the
vSphere Web Services SDK Programming Guide
.

Content feedback and comments