Configure Trusted
ESXi
Builds on a Cluster Level

You can use
HTTP requests
to manage trusted instances of
ESXi
software on a cluster level.
  • Verify that you have access to a working
    vSphere Trust Authority
    environment.
  • Verify that you have Trusted Infrastructure administrative privileges.
You can import, list, remove, and retrieve details about
ESXi
base images.
Some operations require you to specify parameters in the body of the HTTP request according to your
vSphere Trust Authority
environment. For details about the syntax of each HTTP request body, see the
API Reference
documentation.
  1. Import
    ESXi
    metadata as a new trusted base image to each host in a
    vSphere Trust Authority
    Cluster.
    POST https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/attestation/os/esx/base-images?action=import-from-imgdb&vmw-task=true "YmluYXJ5"
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
  2. Retrieve a list of trusted
    ESXi
    base images in a
    vSphere Trust Authority
    Cluster.
    GET https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/attestation/os/esx/base-images?version=<
    value-1
    >&version=<
    value-2
    >&display_name=<
    value-1
    >&display_name=<
    value-2
    >&health=<
    value-1
    >&health=<
    value-2
    >&vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
  3. Remove an
    ESXi
    base image that should no longer be trusted from a
    vSphere Trust Authority
    Cluster.
    DELETE https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/attestation/os/esx/base-images/<
    version
    >?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >
  4. Retrieve details about a trusted
    ESXi
    base image version in a
    vSphere Trust Authority
    Cluster.
    GET https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<
    cluster
    >/attestation/os/esx/base-images/<
    version
    >?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<
    task_ID
    >