Configure Key Providers

You can use
HTTP requests
to perform Key Provider management operations.
  • Verify that you have access to a working
    vSphere Trust Authority
    environment.
  • Verify that you have Trusted Infrastructure administrative privileges.
You can retrieve, add, update, remove, and retrieve details about Key Providers.
Some operations require you to specify parameters in the body of the HTTP request according to your
vSphere Trust Authority
environment. For details about the syntax of each HTTP request body, see the
API Reference
documentation.
  1. Retrieve a list of Key Providers to see which Key Providers the cluster is using.
    GET https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/kms/providers?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
  2. Add a new Key Provider which all hosts in the cluster can use.
    POST https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/kms/providers?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
  3. Retrieve information about a Key Provider to verify the configuration.
    GET https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/kms/providers/<
    provider
    >?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
  4. Update an existing Key Provider to modify the connection details and primary key for it.
    PATCH https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/kms/providers/<
    provider
    >?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
  5. Remove a Key Provider.
    DELETE https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/kms/providers/<
    provider
    >?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
    If the operation completes successfully, the cluster can no longer use that Key Provider.