Create Trusted Clusters KMS Services Task
Configures the cluster to use a the given registered Key Provider Service.
Request
URLURL
https://{api_host}/api/vcenter/trusted-infrastructure/trusted-clusters/{cluster}/kms/services?vmw-task=true
Path Parameters
Path Parameters
string
cluster
Required
The ID of the cluster. The parameter must be an identifier for the resource type: ClusterComputeResource.
Header Parameters
Header Parameters
string
vmware-api-session-id
Required
Required session ID, acquired from Create Session API under CIS product
vmware-api-session-id example
"b00db39f948d13ea1e59b4d6fce56389"
Request Body
Request Body
TrustedInfrastructureTrustedClustersKmsServicesCreateSpec of mimetype application/json
Required
Describes the registered instance of the Key Provider Service
{
"type": "SERVICE"
}
type
Required
The Services.CreateSpec.SourceType enumerated type specifies source of truth the Key Provider Service will use for its configuration.
SERVICE : The Key Provider Service will be configured based on an ID of an specific Key Provider Service.
CLUSTER : The Key Provider Service will be configured based on an ID of a whole attestation cluster.
Possible values are: SERVICE , CLUSTER
string
service
Optional
The service’s unique ID. This field is optional and it is only relevant when the value of Services.CreateSpec.type is SERVICE. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service.
string
trust_authority_cluster
Optional
The attestation cluster’s unique ID. This field is optional and it is only relevant when the value of Services.CreateSpec.type is CLUSTER.
Authentication
This operation uses the following authentication methods.
Response
Response
Response BodyResponse Body
202 Accepted returns
string
of type application/json
An identifier for the task created by this API invocation will be returned. If the non-async version of the operation returns a value, this id can be used with the CIS Get Task operation to fetch that value. The normal description of this operation’s return value will follow if one exists. ID of the configured Key Provider Service instance. The result will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.kms.Service.
Errors
400
com.vmware.vapi.std.errors.already_exists : if the Key Provider Service is already configured for this cluster | com.vmware.vapi.std.errors.invalid_argument : if the CreateSpec is not valid.
500
com.vmware.vapi.std.errors.error : for any other error. | com.vmware.vapi.std.errors.unable_to_allocate_resource : if all the hosts in the cluster do not have VMware vSphere Trust Authority enabled license.
default
‘Default’ means this response is used for all HTTP codes that are not covered individually for this operation.
Code Samples
PowerCLI Client SDK Example
$TrustedInfrastructureTrustedClustersKmsServicesCreateSpec = Initialize-TrustedInfrastructureTrustedClustersKmsServicesCreateSpec -Type "SERVICE"
Invoke-CreateClusterKmsServicesAsync -Cluster "MyCluster" -TrustedInfrastructureTrustedClustersKmsServicesCreateSpec $TrustedInfrastructureTrustedClustersKmsServicesCreateSpec
PowerCLI Client SDK All Parameters Example
$TrustedInfrastructureTrustedClustersKmsServicesCreateSpec = Initialize-TrustedInfrastructureTrustedClustersKmsServicesCreateSpec -Type "SERVICE" -Service "MyService" -TrustAuthorityCluster "MyTrustAuthorityCluster"
Invoke-CreateClusterKmsServicesAsync -Cluster "MyCluster" -TrustedInfrastructureTrustedClustersKmsServicesCreateSpec $TrustedInfrastructureTrustedClustersKmsServicesCreateSpec
cURL Command
curl -X POST -H "vmware-api-session-id: b00db39f948d13ea1e59b4d6fce56389" -H "Content-Type: application/json" -d '{"service":"string","trust_authority_cluster":"string","type":"SERVICE"}' https://{api_host}/api/vcenter/trusted-infrastructure/trusted-clusters/{cluster}/kms/services?vmw-task=true
Vendor Extensions
This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-operation: create_task
Availability
Added in 7.0.0
