Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Info

Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Info
Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Info

This schema is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.

The Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Info schema contains information that describes the TPM 2.0 protocol settings.

This schema was added in vSphere API 7.0.0.0.

JSON Example
{
    "require_endorsement_keys": false,
    "require_certificate_validation": false,
    "health": "string",
    "details": [
        {
            "id": "string",
            "default_message": "string",
            "args": [
                "string"
            ],
            "params": {
                "params": {
                    "s": "string",
                    "dt": "string",
                    "i": 0,
                    "d": "number",
                    "l": "Vapi Std NestedLocalizableMessage Object",
                    "format": "string",
                    "precision": 0
                }
            },
            "localized": "string"
        }
    ]
}
boolean
require_endorsement_keys
Required

This property is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.

Require registered TPM endorsement keys.

During attestation, the attested host will always send its endorsement key to the Attestation Service. With this option is set, the Attestation Service will only proceed with attestation if the endorsement key has been added to the list of configured trusted endorsement keys.

This property was added in vSphere API 7.0.0.0.

boolean
require_certificate_validation
Required

This property is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.

Require TPM endorsement key certificate validation.

During attestation, the attested host will send its endorsement key certificate if one is available. With this option set, the Attestation Service will validate the endorsement key certificate against the list of configured trusted TPM CA certificates. Only endorsement key certificates that are signed by a trusted TPM CA certificate will be able to successfully attest.

This property was added in vSphere API 7.0.0.0.

string
health
Required

This property is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.

A health indicator which indicates whether each host in the cluster has the same attestation settings.

For more information see: Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Health.

This property was added in vSphere API 7.0.0.0.

details
Required

This property is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.

Details regarding the health.

When the Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Health is not Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Health.OK or Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 Settings Health.NONE, this member will provide an actionable description of the issues present.

This property was added in vSphere API 7.0.0.0.

Deprecated