REST API - list

vcenter trusted infrastructure trust authority hosts kms: list

Returns a list of the hosts running a Key Provider Service matching the specified vcenter.trusted_infrastructure.trust_authority_hosts.kms.filter_spec. This operation was added in vSphere API 7.0.0.

Request:

HTTP request

POST https://{server}/api/vcenter/trusted-infrastructure/trust-authority-hosts/kms

?projection={value}
&action=query
{
    "address"[
        {
            "hostname""string",
            "port"1
        },
        {
            "hostname""string",
            "port"1
        }
    ],
    "hosts"[
        "obj-103",
        "obj-103"
    ],
    "groups"[
        "string",
        "string"
    ],
    "clusters"[
        "obj-103",
        "obj-103"
    ]
}

Body Parameters:

Name Type Description
bold = required
- filter_spec Optional. Return details about Key Provider Services matching the filter.
-.hosts string[] A set of host IDs by which to filter the services. This attribute was added in vSphere API 7.0.0.

Optional. If unset, the services will not be filtered by the hosts on which they run.When clients pass a value of this structure as a parameter, the field must contain identifiers for the resource type: HostSystem. When operations return a value of this structure as a result, the field will contain identifiers for the resource type: HostSystem.

-.clusters string[] A set of cluster IDs by which to filter the services. This attribute was added in vSphere API 7.0.0.

Optional. If unset, the services will not be filtered by the clusters on which they run.When clients pass a value of this structure as a parameter, the field must contain identifiers for the resource type: ClusterComputeResource. When operations return a value of this structure as a result, the field will contain identifiers for the resource type: ClusterComputeResource.

-.address network_address[] The service's address. This attribute was added in vSphere API 7.0.0.

Optional. If unset, the services will not be filtered by address.

-.address[].hostname string The IP address or DNS resolvable name of the service. This attribute was added in vSphere API 7.0.0.

-.address[].port long The port of the service. This attribute was added in vSphere API 7.0.0.

Optional. If unset, port 443 will be used.

-.groups string[] The group determines reports issued by which Attestation Service instances this Key Provider Service can accept. This attribute was added in vSphere API 7.0.0.

Optional. If unset, the services will not be filtered by groupId.

Query Parameters:

Name Type Description
bold = required
projection string Optional. The type of the returned summary - brief, normal, or full.

Response:

HTTP Status Code: 200

Response Body Structure:

[
    {
        "cluster""string",
        "trusted_CA"{
            "cert_chain"[
                "string",
                "string"
            ]
        },
        "address"{
            "hostname""string",
            "port"1
        },
        "host""obj-103",
        "summary_type""FULL",
        "group""string"
    },
    {
        "cluster""string",
        "trusted_CA"{
            "cert_chain"[
                "string",
                "string"
            ]
        },
        "address"{
            "hostname""string",
            "port"1
        },
        "host""obj-103",
        "summary_type""FULL",
        "group""string"
    }
]

Headers:

None

Type:

Name Type Description
bold = required
- summary[] List of vcenter.trusted_infrastructure.trust_authority_hosts.kms.summary of Key Provider Services.
-[].summary_type string Defines the verbosity of the summary. This attribute was added in vSphere API 7.0.0.

The connection information could include the certificates or be a shorter summary. This enumeration was added in vSphere API 7.0.0. Value is one of:
FULL: The full connection information, including certificates. This constant was added in vSphere API 7.0.0.
NORMAL: A summary containing only the hostname, port, and the group which determines the Attestation Services this Key Provider Service can communicate with. This constant was added in vSphere API 7.0.0.
BRIEF: A brief summary, containing only the hostname for the Key Provider Service. This constant was added in vSphere API 7.0.0.

-[].host string The trusted ESX on which the service runs. This attribute was added in vSphere API 7.0.0.

Optional. It is only relevant when summary_type has value [BRIEF, NORMAL, FULL]. This field is optional and it is only relevant when the value of summary_type is one of BRIEF, NORMAL, or FULL.When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: HostSystem. When operations return a value of this structure as a result, the field will be an identifier for the resource type: HostSystem.

-[].address network_address The service's address. This attribute was added in vSphere API 7.0.0.

Optional. It is only relevant when summary_type has value [BRIEF, NORMAL, FULL]. This field is optional and it is only relevant when the value of summary_type is one of BRIEF, NORMAL, or FULL.

-[].address.hostname string The IP address or DNS resolvable name of the service. This attribute was added in vSphere API 7.0.0.

-[].address.port long The port of the service. This attribute was added in vSphere API 7.0.0.

Optional. If unset, port 443 will be used.

-[].group string The group ID determines which Attestation Service instances this Key Provider Service can communicate with. This attribute was added in vSphere API 7.0.0.

Optional. It is only relevant when summary_type has value [NORMAL, FULL]. This field is optional and it is only relevant when the value of summary_type is one of NORMAL or FULL.

-[].cluster string The opaque string identifier of the cluster in which the Key Provider Service is part of. This attribute was added in vSphere API 7.0.0.

Optional. It is only relevant when summary_type has value [NORMAL, FULL]. This field is optional and it is only relevant when the value of summary_type is one of NORMAL or FULL.

-[].trusted_CA x509_cert_chain The service's TLS certificate chain. This attribute was added in vSphere API 7.0.0.

Optional. It is only relevant when summary_type has value [FULL]. This field is optional and it is only relevant when the value of summary_type is FULL.

-[].trusted_CA.cert_chain string[] Certificate chain in base64 format. This attribute was added in vSphere API 7.0.0.

Errors:

HTTP Status Code Type Description
500 error if there is a generic error.
400 invalid_argument if the response data will exceed the message limit.
401 unauthenticated if the user can not be authenticated.