vcenter trusted infrastructure trust authority clusters kms providers: create spec

The create_spec structure contains fields that describe the desired configuration for a new Key Provider. This structure was added in vSphere API 7.0.0.

Representation:

{
    "key_server"{
        "proxy_server"{
            "hostname""string",
            "port"1
        },
        "description""string",
        "kmip_server"{
            "servers"[
                {
                    "address"{
                        "hostname""string",
                        "port"1
                    },
                    "name""string"
                },
                {
                    "address"{
                        "hostname""string",
                        "port"1
                    },
                    "name""string"
                }
            ],
            "username""string"
        },
        "type""KMIP",
        "connection_timeout"1
    },
    "provider""obj-103",
    "master_key_id""string"
}

Attributes:

Name Type Description
Required
provider string Name of the provider.

A unique string chosen by the client.

. This attribute was added in vSphere API 7.0.0.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.kms.Provider. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.kms.Provider.

master_key_id string Master key ID created for the provider.

A unique Key ID.

. This attribute was added in vSphere API 7.0.0.

key_server key_server_create_spec Key server associated with this Provider. This attribute was added in vSphere API 7.0.0.

key_server.type string Type of the key server. This attribute was added in vSphere API 7.0.0.

Lists the key server types. This enumeration was added in vSphere API 7.0.0. Value is one of:
KMIP: Key Management Interoperability Protocol (KMIP) based key management server. This constant was added in vSphere API 7.0.0.

key_server.proxy_server.hostname string The IP address or DNS resolvable name of the service. This attribute was added in vSphere API 7.0.0.

key_server.kmip_server.servers server[] List of Key Management Interoperability Protocol (KMIP) compliant key servers.

Key servers must be configured for active-active replication. If the server port is unset, a default value for KMIP's port will be used.

. This attribute was added in vSphere API 7.0.0.

Optional
key_server.description string Description of the key server. This attribute was added in vSphere API 7.0.0.

Optional. If unset, description will not be added.

key_server.proxy_server network_address Proxy server configuration. This attribute was added in vSphere API 7.0.0.

Optional. If unset, the key server will not use a proxy server.

key_server.proxy_server.port long The port of the service. This attribute was added in vSphere API 7.0.0.

Optional. If unset, port 443 will be used.

key_server.connection_timeout long Connection timeout in seconds. This attribute was added in vSphere API 7.0.0.

Optional. If unset, connection timeout will not be set.

key_server.kmip_server kmip_server_create_spec Configuration information for Key Management Interoperability Protocol (KMIP) based key server. This attribute was added in vSphere API 7.0.0.

Optional. It is only relevant when type has value KMIP. This field is optional and it is only relevant when the value of type is KMIP.

key_server.kmip_server.username string Username for authentication. This attribute was added in vSphere API 7.0.0.

Optional. If unset, no username will be added.