Configure Key Providers
You can use
HTTP requests
to perform Key Provider management operations.- Verify that you have access to a workingvSphere Trust Authorityenvironment.
- Verify that you have Trusted Infrastructure administrative privileges.
You can retrieve, add, update, remove, and retrieve
details about Key Providers.
Some operations
require you to specify parameters in the body of the HTTP request according to
your
vSphere Trust Authority
environment. For details about the syntax of each HTTP request body, see the
API Reference
documentation.- Retrieve a list of Key Providers to see which Key Providers the cluster is using.GET https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/kms/providers?vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
- Add a new Key Provider which all hosts in the cluster can use.POST https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/kms/providers?vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
- Retrieve information about a Key Provider to verify the configuration.GET https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/kms/providers/<provider>?vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
- Update an existing Key Provider to modify the connection details and primary key for it.PATCH https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/kms/providers/<provider>?vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
- Remove a Key Provider.DELETE https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/kms/providers/<provider>?vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>If the operation completes successfully, the cluster can no longer use that Key Provider.