List Trust Authority Hosts KMS
Returns a list of the hosts running a Key Provider Service matching the specified Kms.FilterSpec. if you do not have all of the privileges described as follows: - Operation execution requires TrustedAdmin.ReadTrustedHosts. - The resource HostSystem referenced by the attribute Kms.FilterSpec.hosts requires System.View. - The resource ClusterComputeResource referenced by the attribute Kms.FilterSpec.clusters requires System.View.
Request
URLURL
https://{api_host}/api/vcenter/trusted-infrastructure/trust-authority-hosts/kms?action=query
Query Parameters
Query Parameters
projection
Optional
The type of the returned summary - brief, normal, or full. If {@term.unset} a normal projection will be used.
Header Parameters
Header Parameters
string
vmware-api-session-id
Required
Required session ID, acquired from Create Session API under CIS product
vmware-api-session-id example
"b00db39f948d13ea1e59b4d6fce56389"
Request Body
Request Body
TrustedInfrastructureTrustAuthorityHostsKmsFilterSpec of mimetype application/json
Optional
Return details about Key Provider Services matching the filter. If {@term.unset} return all registered Key Provider Services.
{
"address": [
{
"hostname": "string",
"port": 0
}
],
"clusters": [
"string"
],
"groups": [
"string"
],
"hosts": [
"string"
]
}
array of
TrustedInfrastructureNetworkAddress
address
Optional
The service’s address. If unset, the services will not be filtered by address.
array of
string
clusters
Optional
A set of cluster IDs by which to filter the services. If unset, the services will not be filtered by the clusters on which they run. When clients pass a value of this structure as a parameter, the field must contain identifiers for the resource type: ClusterComputeResource. When operations return a value of this structure as a result, the field will contain identifiers for the resource type: ClusterComputeResource.
array of
string
groups
Optional
The group determines reports issued by which Attestation Service instances this Key Provider Service can accept. If unset, the services will not be filtered by groupId.
array of
string
hosts
Optional
A set of host IDs by which to filter the services. If unset, the services will not be filtered by the hosts on which they run. When clients pass a value of this structure as a parameter, the field must contain identifiers for the resource type: HostSystem. When operations return a value of this structure as a result, the field will contain identifiers for the resource type: HostSystem.
Authentication
This operation uses the following authentication methods.
Response
Response
Response BodyResponse Body
200 OK returns
array of
TrustedInfrastructureTrustAuthorityHostsKmsSummary
of type application/json
List of Kms.Summary of Key Provider Services.
[
{
"address": {
"hostname": "string",
"port": 0
},
"cluster": "string",
"group": "string",
"host": "string",
"summary_type": "FULL",
"trusted_CA": {
"cert_chain": [
"string"
]
}
}
]
summary_type
Required
The connection information could include the certificates or be a shorter summary.
FULL : The full connection information, including certificates.
NORMAL : A summary containing only the hostname, port, and the group which determines the Attestation Services this Key Provider Service can communicate with.
BRIEF : A brief summary, containing only the hostname for the Key Provider Service.
Possible values are: FULL , NORMAL , BRIEF
address
Optional
The service’s address. This field is optional and it is only relevant when the value of Kms.Summary.summary-type is one of BRIEF, NORMAL, or FULL.
string
cluster
Optional
The opaque string identifier of the cluster in which the Key Provider Service is part of. This field is optional and it is only relevant when the value of Kms.Summary.summary-type is one of NORMAL or FULL.
string
group
Optional
The group ID determines which Attestation Service instances this Key Provider Service can communicate with. This field is optional and it is only relevant when the value of Kms.Summary.summary-type is one of NORMAL or FULL.
string
host
Optional
The trusted ESX on which the service runs. This field is optional and it is only relevant when the value of Kms.Summary.summary-type is one of BRIEF, NORMAL, or FULL. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: HostSystem. When operations return a value of this structure as a result, the field will be an identifier for the resource type: HostSystem.
trusted_CA
Optional
The service’s TLS certificate chain. This field is optional and it is only relevant when the value of Kms.Summary.summary-type is FULL.
Errors
400
com.vmware.vapi.std.errors.invalid_argument : if the response data will exceed the message limit.
default
‘Default’ means this response is used for all HTTP codes that are not covered individually for this operation.
Code Samples
PowerCLI Client SDK Example
$TrustedInfrastructureNetworkAddress = Initialize-TrustedInfrastructureNetworkAddress -Hostname "MyHostname" -Port 0
$TrustedInfrastructureTrustAuthorityHostsKmsFilterSpec = Initialize-TrustedInfrastructureTrustAuthorityHostsKmsFilterSpec -Hosts "MyHosts" -Clusters "MyClusters" -Address $TrustedInfrastructureNetworkAddress -Groups "MyGroups"
Invoke-QueryTrustAuthorityHostsKms -Projection "FULL" -TrustedInfrastructureTrustAuthorityHostsKmsFilterSpec $TrustedInfrastructureTrustAuthorityHostsKmsFilterSpec
cURL Command
curl -X POST -H "vmware-api-session-id: b00db39f948d13ea1e59b4d6fce56389" -H "Content-Type: application/json" -d '{"address":[{"hostname":"string","port":0}],"clusters":["string"],"groups":["string"],"hosts":["string"]}' https://{api_host}/api/vcenter/trusted-infrastructure/trust-authority-hosts/kms?action=query
Vendor Extensions
This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-operation: list
Availability
Added in 7.0.0
