Add a vSphere Cloud Account
vSphere
Cloud Account To create a
vSphere
cloud account,
you make a POST request. The request body includes the parameters specific to vSphere
that are required to create the cloud
account. - Verify that all general prerequisites and prerequisites for theAutomation AssemblerInfrastructure as a Service (IaaS) service have been satisfied. See Prerequisites for API Use Case Examples.
- Verify that you have the following parameters for the new cloud account:
- vSphere host name
- vSphere user name
- vSphere password
- Verify that you have an existingvSphere,NSX-T,NSX-V, or VMC cloud account that you want to associate with the new cloud account and obtain the cloud account ID.
- List all cloud accounts.curl -X GET $url/iaas/api/cloud-accounts?apiVersion=$api_version -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" | jq "."
- Examine the response to obtain the cloud account ID such as theidvalue in this example.... "name": "vsphere-account-example", "id": "b9fa1b42c767de7558ceff3b78004", "updatedAt": "2022-04-02", "orgId": "f670fdfc-66d6-4689-9793-d524e7066d1e", ...
The following procedure shows how
to create a
vSphere
cloud account that
supports a trusted certificate. To obtain a trusted certificate, you submit a request to
validate asynchronously with the vSphere
cloud account specification. When the validation request
completes successfully, you use the certificate ID from the response to obtain the
trusted certificate that you submit when you create the vSphere
cloud account.
- List all cloud proxies.curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/data-collectors?apiVersion=$api_version" | jq "."
- To obtain the data collector ID, examine the response.
- Assign the data collector ID variable.data_collector_id='<your_datacollector_id>'
- Assign thevSphereaccount variables.vsphere_host_name='<your_vsphere_host_name>' vsphere_user='<your_vsphere_user_name>' vsphere_password='<your_vsphere_password>'
- List external region IDs from avSpherecloud account.curl -X POST \ "$url/iaas/api/cloud-accounts-vsphere/region-enumeration?apiVersion=$api_version" \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $access_token" \ -d '{ "cloudAccountType": "vsphere", "username": "'$vsphere_user'", "password": "'$vsphere_password'", "hostName": "'$vsphere_host_name'", "dcid": "'$data_collector_id'", "acceptSelfSignedCertificate": "false" }' | jq "."
- To obtain the external region ID, examine the response and assign the region ID variable.vsphere_region_id='<your_vsphere_region_id>'
- Submit a request to validate asynchronously with thevSpherecloud account specification.curl -X POST -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/cloud-accounts-vsphere?apiVersion=$api_version&validateOnly" | jq "."The response includes a selfLink.{ "progress": 0, "status": "INPROGRESS", "name": "Cloud account specification validation", "id": "example-selfLink-alphanumeric-string", "selfLink": "/iaas/api/request-tracker/example-selfLink-alphanumeric-string" }
- Assign the selfLink variable.selfLink_id='example-selfLink-alphanumeric-string'
- Use the selfLink variable to track the request.curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/request-tracker/$selfLink_id?apiVersion=$api_version" | jq "."When the validation request completes successfully, the response includes a resource with the certificate ID.{ "progress": 0, "message": "valid certificate found", "status": "SUCCEEDED", "resources": [ "/iaas/api/certificates/example-certificate-id-string" ], "name": "Cloud account specification validation", "id": "example-selfLink-alphanumeric-string", "selfLink": "/iaas/api/request-tracker/example-selfLink-alphanumeric-string" }
- Assign the certificate ID variable.certificate_id='example-certificate-id-string'
- Submit a request to get the certificate information.PEM_for_X509Certificate='curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/certificates/$certificate_id?apiVersion=$api_version" | jq "."'
- Assign the ID of the existing cloud account to associate with the new cloud account.existing_cloud_account_ID='<your_existing_cloud_account_ID>'
- Include the certificate in the request to create avSpherecloud account with default cloud zones.To create avSpherecloud account without default cloud zones, use"createDefaultZones":false.curl -X POST \ "$url/iaas/api/cloud-accounts-vpshere?apiVersion=$api_version" \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $access_token" \ -d '{ "name": "demo-vsphere-account", "description": "This is a demo vSphere account with default cloud zones", "username": "'$vsphere_user'", "password": "'$vsphere_password'", "hostName": "'$vsphere_host_name'", "acceptSelfSignedCertificate":false, "associatedCloudAccountIds": "'$existing_cloud_account_ID'", "createDefaultZones":true, "dcId": "'$data_collector_id'", "regions":[ { "name": "'$vsphere_region_id'", "ExternalRegionId":"'$vsphere_region_id'" } ], "tags": [ { "key": "env", "value": "dev" } ], "certificateInfo":{ "certificate": "'$PEM_for_X509Certificate'" } }' | jq "."The following example shows how to create avSpherecloud account with multiple cloud account IDs. However, the payload can only include a single NSX-P-Cloud endpoint and a single VMC endpoint."associatedCloudAccountIds": "[\"'$existing_NSXT_cloud_account_ID'\", \"'$existing_VMC_cloud_account_ID'\", \"'$existing_vSphere_cloud_account_ID'\"]",
- List all cloud accounts.curl -X GET $url/iaas/api/cloud-accounts?apiVersion=$api_version -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" | jq "."
- Examine the response and verify that the name and ID of thevSpherecloud account you created is listed.
Create a
vSphere
Cloud AccountThis example creates a cloud account with
default cloud zones.
Assign the required variables.
$ url='https://appliance.domain.com' $ api_version='2021-07-15'
List all cloud proxies.
$ curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/data-collectors?apiVersion=$api_version" | jq "."
A snippet of the response from your
request shows the data collector IDs.
... { "dcId": "60740040-f3cd-4694-96da-15e547242bf7", "ipAddress": "10.108.78.154", "name": "example-prod-corp-rdc", "hostName": "corp-v783-dhcp-79-85.eng.mycompany.com", "status": "ACTIVE" }, ...
Assign the data collector ID
variable.
$ data_collector_id='60740040-f3cd-4694-96da-15e547242bf7'
Assign the
vSphere
account variables.$ vsphere_host_name='corp-v783-dhcp-79-85.eng.mycompany.com' $ vsphere_user='admin@mycompany.com' $ vsphere_password='my_vsphere_password'
List external region IDs from your
vSphere
cloud account.$ curl -X POST \ "$url/iaas/api/cloud-accounts-vsphere/region-enumeration?apiVersion=$api_version" \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $access_token" \ -d '{ "cloudAccountType": "vsphere", "username": "'$vsphere_user'", "password": "'$vsphere_password'", "hostName": "'$vsphere_host_name'", "dcid": "'$data_collector_id'", "acceptSelfSignedCertificate": "false" }' | jq "."
A snippet of the response shows the
region ID to use.
... { "externalRegionIds": [ "Datacenter:datacenter-2" ] } ...
Assign the region ID variable.
$ vsphere_region_id='Datacenter:datacenter-2'
Submit request to validate asynchronously
with the
vSphere
cloud account
specification.$ curl -X POST -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/cloud-accounts-vsphere?apiVersion=$api_version&validateOnly" | jq "."
A snippet of the response shows the
selfLink.
{ "progress": 0, "status": "INPROGRESS", "name": "Cloud account specification validation", "id": "bcdee18-a77d-46f8-b068-4013e80e2b55", "selfLink": "/.../request-tracker/bbcdee18-a77d-46f8-b068-4013e80e2b55" }
Assign the selfLink variable.
$ selfLink_id='bbcdee18-a77d-46f8-b068-4013e80e2b55'
Submit a request to track the request
with the selfLink.
$ curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/request-tracker/$selfLink_id?apiVersion=$api_version | jq "."
When the request succeeds, the response
shows the resource with the certificate ID.
{ "progress": 0, "message": "valid certification path to requested target found", "status": "SUCCEEDED", "resources": [ "/iaas/api/certificates/7fe4c108-64ff-4347-92de-b0790bda1a3c?apiversion=2021-07-15" ], "name": "Cloud account specification validation", "id": "bbcdee18-a77d-46f8-b068-4013e80e2b55", "selfLink": "/iaas/api/request-tracker/bbcdee18-a77d-46f8-b068-4013e80e2b55" }
Assign the certificate ID variable.
$ certificate_id='7fe4c108-64ff-4347-92de-b0790bda1a3c'
To get certficate information, submit a
request with the certificate ID.
$ PEM_for_X509Certificate='curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/certificates/$certificate_id?apiVersion=$api_version" | jq "."'
Assign the ID of the existing cloud
account to associate with the new cloud account.
$ existing_cloud_account_id ='b9fa1b42c767de7558ceff3b78004'
Create a cloud account named
demo-vsphere-account
with default cloud zones. $ curl -X POST \ "$url/iaas/api/cloud-accounts-vpshere?apiVersion=$api_version" \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $access_token" \ -d '{ "name": "demo-vsphere-account", "description": "This is a demo vSphere account with default cloud zones", "username": "'$vsphere_user'", "password": "'$vsphere_password'", "hostName": "'$vsphere_host_name'", "acceptSelfSignedCertificate":false, "associatedCloudAccountIds": "'$existing_cloud_account_id'", "createDefaultZones":true, "dcId": "'$data_collector_id'", "regions":[ { "name": "'$vsphere_region_id'", "ExternalRegionId":"'$vsphere_region_id'" } ], "tags": [ { "key": "env", "value": "dev" } ], "certificateInfo":{ "certificate": "'$PEM_for_X509Certificate'" } }' | jq "."
A snippet of the response from your request shows the account ID.
... "tags": [], "name": "demo-vsphere-account", "id": "515684ccebafde75-7f703c5265a63d87-e78aab87e9c8d5cd4cd1da1a285403f0f4e77a5240720d093e147b830b172542-23b5c527d7083675572f5099a8da0", "updatedAt": "2022-04-02", "organizationId": "8327d53f-91ea-420a-8613-ba8f3149db95", "orgId": "8327d53f-91ea-420a-8613-ba8f3149db95", ...