appliance vcenter settings v1: desired state
The
desired_state
structure defines the configuration about different components in vCenter. Warning: This structure is available as Technology Preview. These are early access APIs provided to test, automate and provide feedback on the feature. Since this can change based on feedback, VMware does not guarantee backwards compatibility and recommends against using them in production environments. Some Technology Preview APIs might only be applicable to specific environments.Representation:
{
"authmgmt" : {
"global_permission_list" : [
{
"principal" : {
"name" : "string",
"group" : true
},
"propagate" : true,
"role_ids" : [
1,
1
]
},
{
"principal" : {
"name" : "string",
"group" : true
},
"propagate" : true,
"role_ids" : [
1,
1
]
}
],
"token_policy" : {
"clock_tolerance" : 1,
"token_delegation" : 1,
"token_renewal" : 1,
"bearer_refresh" : 1,
"hok_refresh" : 1
},
"lockout_policy" : {
"failed_login_attempts" : 1,
"failure_interval" : 1,
"unlock_time" : 1
},
"password_policy" : {
"uppercase_chars" : 1,
"min_length" : 1,
"alpha_chars" : 1,
"max_life" : 1,
"special_chars" : 1,
"lowercase_chars" : 1,
"numeric_chars" : 1,
"adj_identical_chars" : 1,
"password_reuse" : 1,
"max_length" : 1
},
"role_list" : [
{
"privilege_id" : [
"string",
"string"
],
"name" : "string",
"description" : "string",
"id" : 1
},
{
"privilege_id" : [
"string",
"string"
],
"name" : "string",
"description" : "string",
"id" : 1
}
],
"privileges_list" : [
{
"is_on_parent" : true,
"description" : "string",
"id" : "string",
"group" : "string"
},
{
"is_on_parent" : true,
"description" : "string",
"id" : "string",
"group" : "string"
}
]
},
"appliance" : {
"software_update_policy" : {
"password" : "secret string",
"auto_stage" : "DISABLED",
"certificate_check" : true,
"default_URL" : "string",
"check_schedule" : {
"hour" : "string",
"day" : "MONDAY",
"minute" : "string"
},
"custom_URL" : "string",
"username" : "string"
},
"time_sync" : {
"mode" : "DISABLED"
},
"smtp" : {
"relay_port" : "string",
"mail_server" : "string"
},
"ssh" : {
"enabled" : true
},
"local_accounts_policy" : {
"warn_days" : 1,
"max_days" : 1,
"min_days" : 1
},
"console_cli" : {
"enabled" : true
},
"ntp" : {
"servers" : [
"string",
"string"
]
},
"syslog" : [
{
"hostname" : "string",
"protocol" : "TLS",
"port" : 1
},
{
"hostname" : "string",
"protocol" : "TLS",
"port" : 1
}
],
"time_zone" : {
"name" : "string"
},
"network" : {
"dns_server_configuration" : {
"mode" : "DHCP",
"servers" : [
"string",
"string"
]
},
"firewall_rule_policies" : [
{
"address" : "string",
"prefix" : 1,
"interface_name" : "string",
"policy" : "IGNORE"
},
{
"address" : "string",
"prefix" : 1,
"interface_name" : "string",
"policy" : "IGNORE"
}
],
"proxy_configuration" : [
{
"server" : "string",
"protocol" : "HTTP",
"password" : "secret string",
"port" : 1,
"enabled" : true,
"username" : "string"
},
{
"server" : "string",
"protocol" : "HTTP",
"password" : "secret string",
"port" : 1,
"enabled" : true,
"username" : "string"
}
]
},
"backup_schedules" : [
{
"recurrence_info" : {
"hour" : 1,
"days" : [
"MONDAY",
"MONDAY"
],
"minute" : 1
},
"backup_password" : "secret string",
"enable" : true,
"parts" : [
"string",
"string"
],
"location" : "http://myurl.com",
"location_password" : "secret string",
"schedule_id" : "string",
"location_user" : "string",
"retention_info" : {
"max_count" : 1
}
},
{
"recurrence_info" : {
"hour" : 1,
"days" : [
"MONDAY",
"MONDAY"
],
"minute" : 1
},
"backup_password" : "secret string",
"enable" : true,
"parts" : [
"string",
"string"
],
"location" : "http://myurl.com",
"location_password" : "secret string",
"schedule_id" : "string",
"location_user" : "string",
"retention_info" : {
"max_count" : 1
}
}
],
"shell" : {
"enabled" : true,
"timeout" : 1
},
"root_local_account" : {
"warn_days_before_password_expiration" : 1,
"password" : "secret string",
"min_days_between_password_change" : 1,
"roles" : [
"string",
"string"
],
"password_expires_at" : "2015-01-01T22:13:05.651Z",
"fullname" : "string",
"last_password_change" : "2015-01-01T22:13:05.651Z",
"enabled" : true,
"email" : "string",
"has_password" : true,
"max_days_between_password_change" : 1
},
"dcui" : {
"enabled" : true
}
}
}
"authmgmt" : {
"global_permission_list" : [
{
"principal" : {
"name" : "string",
"group" : true
},
"propagate" : true,
"role_ids" : [
1,
1
]
},
{
"principal" : {
"name" : "string",
"group" : true
},
"propagate" : true,
"role_ids" : [
1,
1
]
}
],
"token_policy" : {
"clock_tolerance" : 1,
"token_delegation" : 1,
"token_renewal" : 1,
"bearer_refresh" : 1,
"hok_refresh" : 1
},
"lockout_policy" : {
"failed_login_attempts" : 1,
"failure_interval" : 1,
"unlock_time" : 1
},
"password_policy" : {
"uppercase_chars" : 1,
"min_length" : 1,
"alpha_chars" : 1,
"max_life" : 1,
"special_chars" : 1,
"lowercase_chars" : 1,
"numeric_chars" : 1,
"adj_identical_chars" : 1,
"password_reuse" : 1,
"max_length" : 1
},
"role_list" : [
{
"privilege_id" : [
"string",
"string"
],
"name" : "string",
"description" : "string",
"id" : 1
},
{
"privilege_id" : [
"string",
"string"
],
"name" : "string",
"description" : "string",
"id" : 1
}
],
"privileges_list" : [
{
"is_on_parent" : true,
"description" : "string",
"id" : "string",
"group" : "string"
},
{
"is_on_parent" : true,
"description" : "string",
"id" : "string",
"group" : "string"
}
]
},
"appliance" : {
"software_update_policy" : {
"password" : "secret string",
"auto_stage" : "DISABLED",
"certificate_check" : true,
"default_URL" : "string",
"check_schedule" : {
"hour" : "string",
"day" : "MONDAY",
"minute" : "string"
},
"custom_URL" : "string",
"username" : "string"
},
"time_sync" : {
"mode" : "DISABLED"
},
"smtp" : {
"relay_port" : "string",
"mail_server" : "string"
},
"ssh" : {
"enabled" : true
},
"local_accounts_policy" : {
"warn_days" : 1,
"max_days" : 1,
"min_days" : 1
},
"console_cli" : {
"enabled" : true
},
"ntp" : {
"servers" : [
"string",
"string"
]
},
"syslog" : [
{
"hostname" : "string",
"protocol" : "TLS",
"port" : 1
},
{
"hostname" : "string",
"protocol" : "TLS",
"port" : 1
}
],
"time_zone" : {
"name" : "string"
},
"network" : {
"dns_server_configuration" : {
"mode" : "DHCP",
"servers" : [
"string",
"string"
]
},
"firewall_rule_policies" : [
{
"address" : "string",
"prefix" : 1,
"interface_name" : "string",
"policy" : "IGNORE"
},
{
"address" : "string",
"prefix" : 1,
"interface_name" : "string",
"policy" : "IGNORE"
}
],
"proxy_configuration" : [
{
"server" : "string",
"protocol" : "HTTP",
"password" : "secret string",
"port" : 1,
"enabled" : true,
"username" : "string"
},
{
"server" : "string",
"protocol" : "HTTP",
"password" : "secret string",
"port" : 1,
"enabled" : true,
"username" : "string"
}
]
},
"backup_schedules" : [
{
"recurrence_info" : {
"hour" : 1,
"days" : [
"MONDAY",
"MONDAY"
],
"minute" : 1
},
"backup_password" : "secret string",
"enable" : true,
"parts" : [
"string",
"string"
],
"location" : "http://myurl.com",
"location_password" : "secret string",
"schedule_id" : "string",
"location_user" : "string",
"retention_info" : {
"max_count" : 1
}
},
{
"recurrence_info" : {
"hour" : 1,
"days" : [
"MONDAY",
"MONDAY"
],
"minute" : 1
},
"backup_password" : "secret string",
"enable" : true,
"parts" : [
"string",
"string"
],
"location" : "http://myurl.com",
"location_password" : "secret string",
"schedule_id" : "string",
"location_user" : "string",
"retention_info" : {
"max_count" : 1
}
}
],
"shell" : {
"enabled" : true,
"timeout" : 1
},
"root_local_account" : {
"warn_days_before_password_expiration" : 1,
"password" : "secret string",
"min_days_between_password_change" : 1,
"roles" : [
"string",
"string"
],
"password_expires_at" : "2015-01-01T22:13:05.651Z",
"fullname" : "string",
"last_password_change" : "2015-01-01T22:13:05.651Z",
"enabled" : true,
"email" : "string",
"has_password" : true,
"max_days_between_password_change" : 1
},
"dcui" : {
"enabled" : true
}
}
}
Attributes:
Name | Type | Description |
---|---|---|
Required | ||
appliance.software_update_policy.auto_stage | string | Check for update at the pre-configured repository URL. Defines state for automatic update notification. auto_update_notification enumerated type Value is one of:DISABLED: Automatic update notification is disabled. Disable periodically query the configured url for updates. ENABLED: Automatic update notification is enabled. Enable periodically query the configured url for updates.Only set if auto stage is enable. |
appliance.software_update_policy.certificate_check | boolean | Indicates whether certificates will be checked during patching. Warning: If this field is set to false, an insecure connection is made to the update repository which can potentially put the appliance security at risk. |
appliance.backup_schedules[].location | URI | URL of the backup location. Only set if URL is set in BackupSchedule. |
appliance.backup_schedules[].recurrence_info.minute | long | Minute when backup should run. Only set if minute is present in Recurrence Info of backup schedule. |
appliance.backup_schedules[].recurrence_info.hour | long | Hour when backup should run. The hour should be specified in 24-hour clock format. Only set if hour is present in Recurrence Info of backup schedule. |
appliance.backup_schedules[].retention_info.max_count | long | Number of backups which should be retained. If retention is not set, all the backups will be retained forever. |
appliance.backup_schedules[].schedule_id | string | Identifier of the schedule. |
appliance.ssh | ssh | Get/Set enabled state of SSH-based controlled CLI. ssh service provides operations |
appliance.ssh.enabled | boolean | Set enabled state of the SSH-based controlled CLI. |
appliance.dcui | dcui | Get/Set enabled of Direct Console User Interface (DCUI TTY2). dcui service provides operations |
appliance.dcui.enabled | boolean | Set enabled state of Direct Console User Interface (DCUI). |
appliance.console_cli | consolecli | Get/Set enabled state of the console-based controlled CLI. consolecli service provides operations |
appliance.console_cli.enabled | boolean | Set enabled state of the console-based controlled CLI (TTY1). |
appliance.shell | shell | Get/Set enabled state of BASH. shell service provides operations |
appliance.shell.enabled | boolean | Enabled can be set to true or false |
appliance.shell.timeout | long | The timeout (in seconds) specifies how long you enable the Shell access. The maximum timeout is 86400 seconds(1 day). |
appliance.time_sync.mode | string | Defines time synchronization modes Value is one of: DISABLED: Time synchronization is disabled. NTP: NTP-based time synchronization. HOST: VMware Tool-based time synchronization. |
appliance.ntp.servers | string[] | Set NTP servers. This variable updates old NTP servers from configuration and sets the input NTP servers in the configuration. |
appliance.root_local_account.enabled | boolean | Flag indicating if the account is enabled |
appliance.root_local_account.has_password | boolean | Is the user password set. |
appliance.network.dns_server_configuration.mode | string | Define how to determine the DNS servers. Leave the servers argument empty if the mode argument is "DHCP". Set the servers argument to a comma-separated list of DNS servers if the mode argument is "static". The DNS server are assigned from the specified list. Describes DNS Server source (DHCP,static). Value is one of: DHCP: DNS address is automatically assigned by a DHCP server. STATIC: DNS address is static. |
appliance.network.dns_server_configuration.servers | string[] | List of the currently used DNS servers. DNS server configuration. |
authmgmt.privileges_list | privileges[] | List of Privileges. |
authmgmt.global_permission_list | global_permission[] | List of Global Permission. |
authmgmt.role_list | roles[] | List of Roles. |
authmgmt.password_policy.special_chars | long | Minimum special characters. |
authmgmt.password_policy.alpha_chars | long | Minimum alphabetic characters. |
authmgmt.password_policy.uppercase_chars | long | Minimum uppercase characters. |
authmgmt.password_policy.lowercase_chars | long | Minimum lowercase characters. |
authmgmt.password_policy.numeric_chars | long | Minimum numeric characters. |
authmgmt.password_policy.adj_identical_chars | long | Maximum adjacent identical characters. |
authmgmt.password_policy.password_reuse | long | Previous password reuse restriction. |
authmgmt.password_policy.max_life | long | Maximum lifetime. |
authmgmt.password_policy.max_length | long | Maximum length. |
authmgmt.password_policy.min_length | long | Minimum length. |
authmgmt.token_policy.clock_tolerance | long | Clock tolerance ms. |
authmgmt.token_policy.token_renewal | long | Maximum token renewal count. |
authmgmt.token_policy.token_delegation | long | Maximum token delegation count. |
authmgmt.token_policy.bearer_refresh | long | Maximum Bearer RefreshToken lifetime. |
authmgmt.token_policy.hok_refresh | long | Maximum HoK RefreshToken lifetime. |
authmgmt.lockout_policy.failed_login_attempts | long | Maximum number of failed login attempts. |
authmgmt.lockout_policy.failure_interval | long | Time interval between failures. |
authmgmt.lockout_policy.unlock_time | long | Unlock time. |
Optional | ||
appliance | appliance_management | Appliance Management component desired spec. Warning: This attribute is available as Technology Preview. These are early access APIs provided to test, automate and provide feedback on the feature. Since this can change based on feedback, VMware does not guarantee backwards compatibility and recommends against using them in production environments. Some Technology Preview APIs might only be applicable to specific environments. Optional. |
appliance.software_update_policy | software_update_policy | Policy to update vCenter. Optional. Only set if the SoftwareUpdatePolicy is set inside vCenter. |
appliance.software_update_policy.custom_URL | string | Current appliance update repository URL. Enter "default" to reset the url to the default url. Optional. Only set if custom URL required. |
appliance.software_update_policy.default_URL | string | Default appliance update repository URL. Optional. Only set if default URL required. |
appliance.software_update_policy.check_schedule | time | The time structure defines day and time the automatic check for new updates will be run. Optional. Only set if Time required. |
appliance.software_update_policy.check_schedule.hour | string | Time to query for updates Format: HH:MM:SS Military (24 hour) Time Format Optional. Only set if hour is present in SoftwareUpdatePolicy. |
appliance.software_update_policy.check_schedule.minute | string | Time to query for updates Format: HH:MM:SS Military (24 hour) Time Format Optional. Only set if minute is present in SoftwareUpdatePolicy. |
appliance.software_update_policy.check_schedule.day | string | Day to query for updates Optional. Only set if minute is present in SoftwareUpdatePolicy. |
appliance.software_update_policy.username | string | Username for the url update repository Optional. Only set if SoftwareUpdatePolicy requires username. |
appliance.software_update_policy.password | secret | Password for the url update repository Optional. Only set if SoftwareUpdatePolicy requires password. |
appliance.backup_schedules | backup_schedule[] | Backup schedule of vCenter. Optional. Only set if the Backup is schedule for vCenter. |
appliance.backup_schedules[].parts | string[] | List of optional parts to be backed up. Use the list operation to get information about the supported parts. Optional. If unset all the optional parts will not be backed up. |
appliance.backup_schedules[].backup_password | secret | Password for a backup piece. The backupPassword must adhere to the following password requirements: At least 8 characters, cannot be more than 20 characters in length. At least 1 uppercase letter. At least 1 lowercase letter. At least 1 numeric digit. At least 1 special character (i.e. any character not in [0-9,a-z,A-Z]). Only visible ASCII characters (for example, no space). Optional. If unset the backup piece will not be encrypted. |
appliance.backup_schedules[].location_user | string | Username for the given location. Optional. If unset authentication will not be used for the specified location. |
appliance.backup_schedules[].location_password | secret | Password for the given location. Optional. If unset authentication will not be used for the specified location. |
appliance.backup_schedules[].enable | boolean | Enable or disable a schedule. Optional. If unset the schedule will be enabled. |
appliance.backup_schedules[].recurrence_info | recurrence_info | Recurrence information for the schedule. Optional. If unset backup job will not be scheduled. See appliance.vcenter.settings.v1.config.components.applmgmt.recurrence_info. |
appliance.backup_schedules[].recurrence_info.days | string[] | Day of week when the backup should be run. Days can be specified as list of days. Optional. If unset the backup will be run everyday. |
appliance.backup_schedules[].retention_info | retention_info | Retention information for the schedule. Optional. If unset all the completed backup jobs will be retained forever. See appliance.vcenter.settings.v1.config.components.applmgmt.retention_info. |
appliance.time_zone | timezone | The timezone service provides operations to get and set the appliance timezone. Optional. Only set if the Timezone is set in vCenter. |
appliance.time_zone.name | string | Set time zone. Optional. |
appliance.time_sync | timesync | timesync service provides operations Performs time synchronization configuration. Optional. Only set if the time sync mode is set in vCenter. |
appliance.ntp | ntp | ntp service provides operations Gets NTP configuration status and tests connection to ntp servers. Optional. Only set if the ntp server are set in vCenter. |
appliance.syslog | log_forwarding[] | The syslog service provides operations to manage forwarding of log messages to remote logging servers. Optional. Only set if log forwarding to remote server are set in vCenter. |
appliance.local_accounts_policy | local_accounts_policy | The localAccountsPolicy service provides operations to manage local user accounts. Optional. Only set if Password Policy is set to manage local user accounts. |
appliance.local_accounts_policy.max_days | long | Maximum number of days a password may be used. If the password is older than this, a password change will be forced. Optional. If unset then the restriction will be ignored. |
appliance.local_accounts_policy.min_days | long | Minimum number of days allowed between password changes. Any password changes attempted sooner than this will be rejected. Optional. If unset then the restriction will be ignored. |
appliance.local_accounts_policy.warn_days | long | Number of days warning given before a password expires. A zero means warning is given only upon the day of expiration. Optional. If unset then no warning will be provided. |
appliance.root_local_account | local_accounts | The local_accounts service provides operations to manage local user account. Optional. |
appliance.root_local_account.fullname | string | Full name of the user Optional. If unset, the value was never set. |
appliance.root_local_account.roles | string[] | User roles Optional. |
appliance.root_local_account.last_password_change | date_time | Date and time password was changed. Optional. If unset, the password was never set. |
appliance.root_local_account.password_expires_at | date_time | Date when the account's password will expire Optional. If unset, the password never expires. |
appliance.root_local_account.min_days_between_password_change | long | Minimum number of days between password change Optional. If unset, pasword can be changed any time. |
appliance.root_local_account.max_days_between_password_change | long | Maximum number of days between password change Optional. If unset, password never expires. |
appliance.root_local_account.warn_days_before_password_expiration | long | Number of days of warning before password expires Optional. If unset, a user is never warned. |
appliance.root_local_account.password | secret | Password Optional. If unset, value will not be changed. |
appliance.root_local_account.email | string | Email address of the local account Optional. If unset, value will not be changed. |
appliance.smtp | smtp | The local_accounts service provides operations to manage local user account. Optional. |
appliance.smtp.mail_server | string | Mail server IP address. Optional. If unset then the value will be ignored. |
appliance.smtp.relay_port | string | Relay port number. Optional. If unset then the value will be ignored. |
appliance.network | appliance_network | Network configurations to be applied. Optional. Only set if the network configurations are set in vCenter. |
appliance.network.firewall_rule_policies | firewall_rule_policy[] | List of Firewall Rules to be applied. Optional. Only set if the FirewallRulePolicy is set in vCenter. |
appliance.network.dns_server_configuration | dns_server_configuration | DNS configuration to be applied. Optional. Only set if the DnsServerConfiguration is set in vCenter. |
appliance.network.proxy_configuration | proxy_configuration[] | Proxy configuration to be applied. Optional. Only set if the Proxy server configuration is set in vCenter. |
authmgmt | authentication_management | Authentication Management component desired spec. Warning: This attribute is available as Technology Preview. These are early access APIs provided to test, automate and provide feedback on the feature. Since this can change based on feedback, VMware does not guarantee backwards compatibility and recommends against using them in production environments. Some Technology Preview APIs might only be applicable to specific environments. Optional. |
authmgmt.password_policy | password_policy | Password Policy. Optional. |
authmgmt.token_policy | token_policy | Token Policy. Optional. |
authmgmt.lockout_policy | lockout_policy | Lockout Policy. Optional. |