How to provision a machine with sensitive data

To mark data as sensitive, you add sensitive values with a prefix and suffix. The following example shows how to provision a new machine with sensitive values such as custom properties and a remote access password. This machine is also provisioned with a project that includes an encrypted custom property, so that the custom property is added to the machine.
  1. In Automation Assembler, create a cloud account. Add a cloud zone to the cloud account and add a flavor mapping and image mapping to the cloud zone.
  2. In your browser or HTTP client application, verify that all general prerequisites and prerequisites for the Automation Assembler Infrastructure as a Service (IaaS) service have been satisfied. See Prerequisites for API Use Case Examples.
  3. Create a project with the cloud zone that you created using the Automation Assembler UI. Include a sensitive custom property for the Active Directory (AD) password. In this way, when users related to the project provision resources with the project, they have the same AD password.
    The following example shows the AD password enclosed with the ((sensitive: prefix and the )) suffix to mark it as sensitive. The marked value is an ordinary JSON string, so the whole ((sensitive:...)) token is enclosed in double quotes.
    curl -X POST \
      "$url/iaas/api/projects?apiVersion=$api_version" \
      -H 'Content-Type: application/json' \
      -H "Authorization: Bearer $access_token" \
      -d '{
        "name": "example-project",
        "customProperties": {
          "activeDirectoryPassword": "((sensitive:My-password123!))"
        }
      }' | jq "."
    A snippet of the response lists the project ID.
    ...
    "name": "example-project",
    "description": "This is an example project",
    "id": "5944aacb-91de-4541-bb9e-ef2a5403f81b",
    "organizationId": "8327d53f-91ea-420a-8613-ba8f3149db95",
    ...
  4. Provision a virtual machine with sensitive data.
    The following example includes the custom property costCenterPassword and a password for remote access, with values that are both marked as sensitive using the ((sensitive: prefix and the )) suffix. The request body also includes the ID of the project with the encrypted AD password.
    curl -X POST \
      "$url/iaas/api/machines?apiVersion=$api_version" \
      -H 'Content-Type: application/json' \
      -H "Authorization: Bearer $access_token" \
      -d '{
        "name": "example-vm",
        "image": "ubuntu",
        "flavor": "small",
        "projectId": "5944aacb-91de-4541-bb9e-ef2a5403f81b",
        "customProperties": {
          "costCenterPassword": "((sensitive:Pass4costCtr$$$))"
        },
        "remoteAccess": {
          "authentication": "usernamePassword",
          "username": "example-user",
          "password": "((sensitive:example-sensitive-pass!123))"
        }
      }' | jq "."
    The password for remote access is marked sensitive as an example. If left unmarked, the remote access password is encrypted because it is sensitive by default.
  5. After successfully provisioning the machine, issue a GET /iaas/api/machines request to obtain information about the machine.
    In a snippet of the response, the values for the custom property costCenterPassword and the remote access password are encrypted and appear in their encrypted form with the ((secret:v1: prefix, as in the following example.
    ...
    "customProperties": {
      ...
      "costCenterPassword": "((secret:v1:AAHeSZhRynh8+NSdswAdsfdsgSDffhbfh))",
      ...
    },
    ...
    "bootConfig": {
      "content": "#cloud-config\nusers:\n- default\n- name: example-user\n ...\n passwd: ((secret:v1:AAFPdqFQBiJbGKdklseiHSN28ckjSghjngj))\n..."
    }
    ...
    Automation converts the remote access information in the request into a cloud config script in the response. The encrypted password appears as a content value in the bootConfig.
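The following script is an added example written for this page; it is not part of the product documentation or the Automation Assembler API client. It builds the request bodies from steps 3 and 4 with a JSON serializer, so characters such as ! and $ in a password cannot break the hand-written quoting, and it checks a step 5 response the way a practitioner would: every marked value must come back in the ((secret:v1:...)) form, and none of the plain-text secrets may appear anywhere in the response, including inside the bootConfig cloud-config content. The two sample responses are constructed to match the shape of the snippets above and are not real API output; the leaky variant is invented to show what a failed check looks like.

```python
import json
from typing import Any, Iterator

# Markers used by the Automation Assembler IaaS API, as shown on this page.
SENSITIVE_PREFIX = "((sensitive:"   # marks a plain-text value in a request
SECRET_PREFIX = "((secret:v1:"      # form in which the API returns the encrypted value
SUFFIX = "))"


def mark_sensitive(value: str) -> str:
    """Wrap a plain-text value in the ((sensitive:...)) request markers."""
    return f"{SENSITIVE_PREFIX}{value}{SUFFIX}"


def is_encrypted(value: Any) -> bool:
    """True if a value came back in the ((secret:v1:...)) encrypted form."""
    return (isinstance(value, str)
            and value.startswith(SECRET_PREFIX)
            and value.endswith(SUFFIX))


def build_project_body(name: str, ad_password: str) -> dict:
    """Body for POST /iaas/api/projects with a sensitive AD password (step 3)."""
    return {
        "name": name,
        "customProperties": {
            "activeDirectoryPassword": mark_sensitive(ad_password),
        },
    }


def build_machine_body(name: str, image: str, flavor: str, project_id: str,
                       cost_center_password: str, username: str, password: str) -> dict:
    """Body for POST /iaas/api/machines with both sensitive values (step 4)."""
    return {
        "name": name,
        "image": image,
        "flavor": flavor,
        "projectId": project_id,
        "customProperties": {
            "costCenterPassword": mark_sensitive(cost_center_password),
        },
        "remoteAccess": {
            "authentication": "usernamePassword",
            "username": username,
            "password": mark_sensitive(password),
        },
    }


def serialize(body: dict) -> str:
    """JSON text to pass to curl -d; json.dumps does all quoting and escaping."""
    return json.dumps(body)


def _strings(obj: Any) -> Iterator[str]:
    """Yield every string value in a nested JSON structure (dicts and lists)."""
    if isinstance(obj, str):
        yield obj
    elif isinstance(obj, dict):
        for v in obj.values():
            yield from _strings(v)
    elif isinstance(obj, list):
        for v in obj:
            yield from _strings(v)


def find_plaintext_leaks(response: dict, secrets: list) -> list:
    """Return the plain-text secrets that appear anywhere in a GET
    /iaas/api/machines response, including bootConfig content.
    An empty list means no marked value came back in the clear."""
    return [s for s in secrets if any(s in text for text in _strings(response))]


def check_machine_response(response: dict, secrets: list) -> dict:
    """What to confirm after step 5: both values encrypted, nothing leaked."""
    content = response.get("bootConfig", {}).get("content", "")
    # The cloud-config passwd line carries the remote access password.
    passwd_line = next((ln.strip() for ln in content.splitlines()
                        if ln.strip().startswith("passwd:")), "")
    passwd_value = passwd_line.split(":", 1)[1].strip() if passwd_line else ""
    return {
        "cost_center_encrypted": is_encrypted(
            response.get("customProperties", {}).get("costCenterPassword")),
        "boot_passwd_encrypted": is_encrypted(passwd_value),
        "leaked": find_plaintext_leaks(response, secrets),
    }


# Constructed sample shaped like the step 5 snippet (not real API output).
SAMPLE_RESPONSE = {
    "name": "example-vm",
    "customProperties": {
        "costCenterPassword": "((secret:v1:AAHeSZhRynh8+NSdswAdsfdsgSDffhbfh))",
    },
    "bootConfig": {
        "content": "#cloud-config\nusers:\n- default\n- name: example-user\n"
                   "  passwd: ((secret:v1:AAFPdqFQBiJbGKdklseiHSN28ckjSghjngj))\n",
    },
}

# Invented failure case: the passwd line came back in the clear.
LEAKY_RESPONSE = json.loads(json.dumps(SAMPLE_RESPONSE))
LEAKY_RESPONSE["bootConfig"]["content"] = (
    "#cloud-config\nusers:\n- default\n- name: example-user\n"
    "  passwd: example-sensitive-pass!123\n")

SECRETS = ["Pass4costCtr$$$", "example-sensitive-pass!123"]

if __name__ == "__main__":
    print(serialize(build_machine_body("example-vm", "ubuntu", "small",
                                       "5944aacb-91de-4541-bb9e-ef2a5403f81b",
                                       SECRETS[0], "example-user", SECRETS[1])))
    print(check_machine_response(SAMPLE_RESPONSE, SECRETS))
    print(check_machine_response(LEAKY_RESPONSE, SECRETS))
```

Run the script as-is to see the serialized step 4 body followed by one passing and one failing check; in practice you would feed the parsed output of the GET /iaas/api/machines call into check_machine_response with the same plain-text values you marked in the request.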

Verify that the remote access password works

Even though the password is encrypted in the Automation database, you can use the user name and plain text password from the request to log in to the machine, because the password is decrypted before it is sent to the cloud.
You can choose to verify that your remote access password works only if the cloud provider allows remote access. For example, Azure might allow remote access while GCP or AWS might not.
To test your password, use the IP address of the newly provisioned machine, such as 192.168.12.1234, and the user name, such as example-user. Log in to the remote machine with:
$ ssh example-user@192.168.12.1234
When prompted for the password, copy and paste the plain text password from the request, or example-sensitive-pass!123 in this example
. A successful login verifies that the machine was provisioned with the remote access password provided in the request.