Remediate a Trusted Cluster
You can use
the
to remediate ServicesAppliedConfig
interface
from the
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms
,
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation
,
and com.vmware.vcenter.trusted_infrastructure.trusted_clusters
packagesvSphere Trust Authority
component configurations in a Trusted Cluster or remove the
configurations.- Verify that you have access to a workingvSphere Trust Authorityenvironment.
- Verify that you have Trusted Infrastructure administrative privileges.
You can update the applied Key Provider Service or
Attestation Service configurations in a Trusted Cluster to become consistent with
the desired state or you can remove the applied Key Provider Service or Attestation
Service configurations. You can also update all applied
vSphere Trust Authority
component
configurations in a Trusted Cluster or remove the configurations. By removing the
configurations, you can move hosts from a Trusted Cluster to another cluster. - Remediate all Key Provider Service instances configured for use in a Trusted Clusterby calling the.update_Task(java.lang.String cluster)method of theServicesAppliedConfiginterface from thecom.vmware.vcenter.trusted_infrastructure.trusted_clusters.kmspackageIf the operation is successful, the Key Provider Service configuration of every host in the cluster is consistent with the desired state.
- Remove all Key Provider Service configurations from a Trusted Clusterby calling the.delete_Task(java.lang.String cluster)method of theServicesAppliedConfiginterface from thecom.vmware.vcenter.trusted_infrastructure.trusted_clusters.kmspackageIf the operation is successful, the applied Key Provider Service configurations are removed from the configuration of every host in the cluster without affecting the desired state.
- Remediate all Attestation Service instances configured for use in a Trusted Clusterby calling the.update_Task(java.lang.String cluster)method of theServicesAppliedConfiginterface from thecom.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestationpackageIf the operation is successful, the Attestation Service configuration of every host in the cluster is consistent with the desired state.
- Remove all Attestation Service configurations from a Trusted Clusterby calling the.delete_Task(java.lang.String cluster)method of theServicesAppliedConfiginterface from thecom.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestationpackageIf the operation is successful, the applied Attestation Service configurations are removed from the configuration of every host in the cluster without affecting the desired state.
- Remediate allvSphere Trust Authoritycomponents configured for use in a Trusted Clusterby calling the.update_Task(java.lang.String cluster)method of theServicesAppliedConfiginterface from thecom.vmware.vcenter.trusted_infrastructure.trusted_clusterspackageIf the operation is successful, thevSphere Trust Authoritycomponent configuration of every host in the cluster is consistent with the desired state.
- Remove allvSphere Trust Authoritycomponent configurations from a Trusted Clusterby calling the.delete_Task(java.lang.String cluster)method of theServicesAppliedConfiginterface from thecom.vmware.vcenter.trusted_infrastructure.trusted_clusterspackageIf the operation is successful, the appliedvSphere Trust Authoritycomponent configurations are removed from the configuration of every host in the cluster without affecting the desired state.
You can recheck the Trusted Cluster health after the remediation. See Check Trusted Cluster Health.