TrustedInfrastructureTrustAuthorityClustersAttestationTpm2SettingsInfo
The Settings.Info structure contains information that describes the TPM 2.0 protocol settings.
Properties
Details regarding the health. When the Settings.Health is not OK or NONE, this member will provide an actionable description of the issues present.
The Settings.Health enumerated type is indicator for the consistency of the hosts status in the cluster.
NONE : No status available.
OK : Each host in the cluster is in consistent state with the rest hosts in the cluster.
WARNING : Attestation is functioning, however there is an issue that requires attention.
ERROR : Not all hosts in the cluster are in consistent state.
Possible values are: NONE , OK , WARNING , ERROR
Require TPM endorsement key certificate validation. During attestation, the attested host will send its endorsement key certificate if one is available. With this option set, the Attestation Service will validate the endorsement key certificate against the list of configured trusted TPM CA certificates. Only endorsement key certificates that are signed by a trusted TPM CA certificate will be able to successfully attest.
Require registered TPM endorsement keys. During attestation, the attested host will always send its endorsement key to the Attestation Service. With this option is set, the Attestation Service will only proceed with attestation if the endorsement key has been added to the list of configured trusted endorsement keys.
JSON Example
{
"details": [
{
"args": [
"string"
],
"default_message": "string",
"id": "string"
}
],
"health": "NONE",
"require_certificate_validation": false,
"require_endorsement_keys": false
}
