REST API - create-task

vcenter trusted infrastructure trust authority clusters kms providers: create-task

Add a new Key Provider. This operation was added in vSphere API 7.0.0.

Request:

HTTP request

POST https://{server}/api/vcenter/trusted-infrastructure/trust-authority-clusters/{cluster}/kms/providers?vmw-task=true
{
    "key_server": {
        "proxy_server": {
            "hostname": "string",
            "port": 1
        },
        "description": "string",
        "kmip_server": {
            "servers": [
                {
                    "address": {
                        "hostname": "string",
                        "port": 1
                    },
                    "name": "string"
                },
                {
                    "address": {
                        "hostname": "string",
                        "port": 1
                    },
                    "name": "string"
                }
            ],
            "username": "string"
        },
        "type": "KMIP",
        "connection_timeout": 1
    },
    "provider": "obj-103",
    "master_key_id": "string"
}

Path Parameters

Name Type Description
Required
cluster string Identifier of the cluster.

Body Parameters:

Name Type Description
- create_spec Provider information.
-.provider string Name of the provider. A unique string chosen by the client. This attribute was added in vSphere API 7.0.0.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.kms.Provider. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.kms.Provider.

-.master_key_id string Master key ID created for the provider. A unique Key ID. This attribute was added in vSphere API 7.0.0.

-.key_server key_server_create_spec Key server associated with this Provider. This attribute was added in vSphere API 7.0.0.

-.key_server.type string Type of the key server. This attribute was added in vSphere API 7.0.0.

Lists the key server types. This enumeration was added in vSphere API 7.0.0. Value is one of:
KMIP: Key Management Interoperability Protocol (KMIP) based key management server. This constant was added in vSphere API 7.0.0.

-.key_server.description string Description of the key server. This attribute was added in vSphere API 7.0.0.

Optional. If unset, description will not be added.

-.key_server.proxy_server network_address Proxy server configuration. This attribute was added in vSphere API 7.0.0.

Optional. If unset, the key server will not use a proxy server.

-.key_server.proxy_server.hostname string The IP address or DNS resolvable name of the service. This attribute was added in vSphere API 7.0.0.

-.key_server.proxy_server.port long The port of the service. This attribute was added in vSphere API 7.0.0.

Optional. If unset, port 443 will be used.

-.key_server.connection_timeout long Connection timeout in seconds. This attribute was added in vSphere API 7.0.0.

Optional. If unset, connection timeout will not be set.

-.key_server.kmip_server kmip_server_create_spec Configuration information for Key Management Interoperability Protocol (KMIP) based key server. This attribute was added in vSphere API 7.0.0.

Optional. It is only relevant when the value of type is KMIP.

-.key_server.kmip_server.servers server[] List of Key Management Interoperability Protocol (KMIP) compliant key servers. Key servers must be configured for active-active replication. If the server port is unset, a default value for KMIP's port will be used. This attribute was added in vSphere API 7.0.0.

-.key_server.kmip_server.username string Username for authentication. This attribute was added in vSphere API 7.0.0.

Optional. If unset, no username will be added.

Response:

HTTP Status Code: 202

Response Body Structure:

"obj-103"

Headers:

None

Type:

Name Type Description
- string

Errors:

HTTP Status Code Type Description
400 already_exists If the provider already exists.
400 invalid_argument If the spec is invalid or cluster id is empty.
404 not_found If the cluster is not found.
401 unauthenticated If the caller is not authenticated.
500 error For any other error.
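
Example (added here; not part of the VMware reference and not VMware's code): a Python helper that assembles this request and leaves optional fields out of the body when they are unset, so the defaults described above apply. The function names, host names and IDs are constructed for illustration; authenticating and sending the request are left to the caller.

```python
import json
import urllib.request
from urllib.parse import quote

def network_address(hostname, port=None):
    """Build a network_address; the port key is omitted when unset."""
    if not hostname:
        raise ValueError("hostname must be non-empty")
    addr = {"hostname": hostname}
    if port is not None:
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
        addr["port"] = port
    return addr

def build_create_provider_request(server, cluster, provider, master_key_id,
                                  kmip_servers, username=None, description=None,
                                  proxy=None, connection_timeout=None):
    """Build (but do not send) the POST that adds a KMIP key provider.

    kmip_servers: list of (name, hostname, port_or_None) tuples.
    proxy: (hostname, port_or_None) tuple, or None for no proxy.
    """
    if not cluster:
        # The API itself answers 400 invalid_argument for an empty cluster id.
        raise ValueError("cluster id must be non-empty")
    if not kmip_servers:
        # This example's own check; the reference does not state a minimum.
        raise ValueError("no KMIP servers given")
    kmip = {"servers": [{"name": n, "address": network_address(h, p)}
                        for n, h, p in kmip_servers]}
    if username is not None:
        kmip["username"] = username
    key_server = {"type": "KMIP", "kmip_server": kmip}
    if description is not None:
        key_server["description"] = description
    if proxy is not None:
        key_server["proxy_server"] = network_address(*proxy)
    if connection_timeout is not None:
        key_server["connection_timeout"] = connection_timeout
    body = {"provider": provider, "master_key_id": master_key_id,
            "key_server": key_server}
    url = (f"https://{server}/api/vcenter/trusted-infrastructure/"
           f"trust-authority-clusters/{quote(cluster, safe='')}"
           "/kms/providers?vmw-task=true")
    return urllib.request.Request(
        url, data=json.dumps(body).encode(), method="POST",
        headers={"Content-Type": "application/json"})
```

A 202 response to the request carries the string shown under Response Body Structure; the 400, 401, 404 and 500 error types listed above are the cases a caller has to handle.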