You can use the ServicesAppliedConfig interface from the com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms, com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation, and com.vmware.vcenter.trusted_infrastructure.trusted_clusters packages to retrieve information about the health of the applied vSphere Trust Authority component configurations in a Trusted Cluster.

You can retrieve basic and detailed information about the health of Key Provider Service or Attestation Service configurations applied to a Trusted Cluster with respect to the desired state. You can also retrieve detailed information about the health of all applied vSphere Trust Authority component configurations in a Trusted Cluster.

Prerequisites

  • Verify that you have access to a working vSphere Trust Authority environment.
  • Verify that you have Trusted Infrastructure administrative privileges.

Procedure

  1. Retrieve a summary about the health status of all Key Provider Service instances configured for use in a Trusted Cluster by calling the list_Task(java.lang.String cluster, ServicesAppliedConfigTypes.FilterSpec spec) method of the ServicesAppliedConfig interface from the com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms package.

    If the operation is successful, you can verify whether all Key Provider Service configurations of the Trusted Cluster are applied successfully and every host in the cluster is consistent with the desired state.

  2. Retrieve detailed information about the health status of a specific Key Provider Service instance configured for use in a Trusted Cluster by calling the get_Task(java.lang.String cluster, NetworkAddress address) method of the ServicesAppliedConfig interface from the com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms package.

    If the operation is successful, you can verify whether the specified Key Provider Service configuration of the Trusted Cluster is applied successfully and every host in the cluster is consistent with the desired state.

  3. Retrieve a summary about the health status of all Attestation Service instances configured for use in a Trusted Cluster by calling the list_Task(java.lang.String cluster, ServicesAppliedConfigTypes.FilterSpec spec) method of the ServicesAppliedConfig interface from the com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation package.

    If the operation is successful, you can verify whether all Attestation Service configurations of the Trusted Cluster are applied successfully and every host in the cluster is consistent with the desired state.

  4. Retrieve detailed information about the health status of a specific Attestation Service instance configured for use in a Trusted Cluster by calling the get_Task(java.lang.String cluster, NetworkAddress address) method of the ServicesAppliedConfig interface from the com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation package.

    If the operation is successful, you can verify whether the specified Attestation Service configuration of the Trusted Cluster is applied successfully and every host in the cluster is consistent with the desired state.

  5. Retrieve detailed information about the health status of all vSphere Trust Authority components configured for use in a Trusted Cluster by calling the get_Task(java.lang.String cluster) method of the ServicesAppliedConfig interface from the com.vmware.vcenter.trusted_infrastructure.trusted_clusters package.

    If the operation is successful, you can verify whether the vSphere Trust Authority component configuration is applied successfully and every host in the cluster is consistent with the desired state.

What to do next

If there are errors, you can try to remediate the Trusted Cluster. See Remediate a Trusted Cluster.