As an Automation Assembler administrator, you can use the IaaS APIs to create an additional vSphere+ cloud account to support a cloud connected vCenter.

This procedure describes how you use the vSphere-specific IaaS API to create an additional vSphere+ cloud account and set up federation with a vCenter instance. An optional step shows how to update the cloud account. You can also create or update an additional vSphere+ cloud account using the cloud agnostic IaaS API such as /api/iaas/cloud-accounts.

To create an additional vSphere+ cloud account using the UI, see Create a cloud account for a cloud connected vCenter in Automation Assembler.

Prerequisites

  • Verify that you have a gateway appliance that is connected to the target organization, and that you have connected the vCenter to the gateway. For more information about gateways in vCenter, see Connect Your vCenter Server to vCenter Cloud Gateway.
  • Verify that you have a hostname for the vCenter that you want to associate with the new cloud account.
  • Verify that all general prerequisites and prerequisites for the Automation Assembler Infrastructure as a Service (IaaS) service have been satisfied. See Prerequisites for API Use Case Examples.

Procedure

  1. Assign a variable for the hostname of the vCenter. 
    hostname= '<vCenter_fqdn_host_name>'
  2. To list the external region IDs from your vSphere+ cloud account, start a region enumeration. 
    curl -X POST \
  '$url/iaas/api/cloud-accounts-vsphere/region-enumeration?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' \  
  --data-raw '{
    "hostName": "$hostname",
    "environment": "aap",
    "acceptSelfSignedCertificate": true
}' | jq "."
    The response includes a selfLink value that you can use to track the progress of the region enumeration.
  3. Track the region enumeration request. 
    curl -X GET \
  '$url/iaas/api/request-tracker/<request_tracker_ID>?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
    When the region enumeration completes, the response shows "status": "FINISHED" and provides a link to the region enumeration task ID in resources.
  4. To get the results of the region enumeration, use the region enumeration task ID from the tracking response. 
    curl -X GET \
  '$url/iaas/api/cloud-accounts/region-enumeration/<region_enumeration_task_ID>?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
    The response shows the external regions.
  5. Create the vSphere+ cloud account.
    • Provide a name for the vSphere+ cloud account.
    • In the regions field, specify the external regions from the region enumeration.
    • For createDefaultZones, depending on whether you want to create default cloud zones for data centers in the endpoint or not, set the value to true or false. In this example, the value is false.
    curl --location --request POST \
'$url/iaas/api/cloud-accounts-vsphere?apiVersion=$api_version' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer $access_token' \
--data-raw '{
    "hostName": "$hostname",
    "acceptSelfSignedCertificate": true,
    "associatedCloudAccountIds": [],
    "name": "<your_cloud_account_name>",
    "environment": "aap",
    "regions": [
      {
         "name": "'<external_region_name1>'", 
         "ExternalRegionId":"'<external_region_id1>'"
      },
      {
         "name": "'<external_region_name2>'", 
         "ExternalRegionId":"'<external_region_id2>'"
      }
    ],
    "createDefaultZones": false
}' | jq "."
    The response includes a selfLink value that you use to track the progress of the cloud account creation.
  6. Track the progress of the cloud account creation. 
    curl -X GET \
  '$url/iaas/api/request-tracker/<request_tracker_ID>?apiVersion=2021-07-15'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
    When the cloud account creation completes, the response shows "status": "FINISHED" and provides a link to the cloud account in resources.
  7. After full enumeration, the cloud account is ready to use. Use the cloud account ID from the tracking response to get details about the cloud account. 
    curl -X GET \
  '$url/iaas/api/cloud-accounts-vsphere/<cloud_account_id>?apiVersion=2021-07-15'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
    When the response shows imageEnumerationTaskState": "FINISHED" and "enumerationTaskState": "FINISHED", image synchronization and data enumeration are complete.
  8. (Optional) You can update the cloud account with a new name 
    curl --location --request PATCH \
'$url/iaas/api/cloud-accounts-vsphere?apiVersion=$api_version' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer $access_token' \
--data-raw '{
    "hostName": "$hostname",
    "acceptSelfSignedCertificate": true,
    "associatedCloudAccountIds": [],
    "name": "<updated_cloud_account_name>",
    "environment": "aap",
    "regions": [
      {
         "name": "'<external_region_name1>'", 
         "ExternalRegionId":"'<external_region_id1>'"
      },
      {
         "name": "'<external_region_name2>'", 
         "ExternalRegionId":"'<external_region_id2>'"
      }
    ],
    "createDefaultZones": false
}' | jq "."

Example: Add a vSphere+ cloud account for the Cloud Consumption Interface

This example creates a vSphere+ cloud account for a vCenter with hostname sc2-10-184-81-252.eng.vmware.com. It also shows how to update the cloud account name.

Assign the required variables.

Note: If your organization uses an API service that is hosted outside of the United States, your URL variable must include a country abbreviation. See Regional Endpoints for VMware Aria Automation APIs. 
$ url='https://api.mgmt.cloud.vmware.com'
$ api_version='2021-07-15'
$ hostname='sc2-10-184-81-252.eng.vmware.com'

Start a region enumeration.

$ curl -X POST \
  '$url/iaas/api/cloud-accounts-vsphere/region-enumeration?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' \  
  --data-raw '{
    "hostName": "$hostname",
    "environment": "aap",
    "acceptSelfSignedCertificate": true
}' | jq "."
The response includes a selfLink for the request, for example 96f3bc89-58a6-4ac7-b83c-8eb924307839. 
{
  "progress": 0,
  "status": "INPROGRESS",
  "name": "region-enumeration-task",
  "id": "96f3bc89-58a6-4ac7-b83c-8eb924307839",
  "selfLink": "/iaas/api/request-tracker/96f3bc89-58a6-4ac7-b83c-8eb924307839"
}

Use the selfLink to track the request.

$ curl -X GET \
  '$url/iaas/api/request-tracker/96f3bc89-58a6-4ac7-b83c-8eb924307839/?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
When finished, the response includes a task ID under resources, for example 96f3bc89-58a6-4ac7-b83c-8eb924307839. 
{
  "progress": 100,
  "status": "FINISHED",
  "resources" : [
    "/iaas/api/cloud-accounts/region-enumeration/96f3bc89-58a6-4ac7-b83c-8eb924307839"
  ],
  "name": "region-enumeration-task",
  "id": "96f3bc89-58a6-4ac7-b83c-8eb924307839",
  "selfLink": "/iaas/api/request-tracker/96f3bc89-58a6-4ac7-b83c-8eb924307839"
}

Use the task ID to get the results of the region enumeration.

$ curl -X GET \
  '$url/iaas/api/cloud-accounts/region-enumeration/96f3bc89-58a6-4ac7-b83c-8eb924307839/?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
The response lists the cloud account regions for the new vSphere+ cloud account. 
{
  "externalRegions" : [
    {
      "externalRegionId": "Datacenter:datacenter-53",
      "name": "test-dc"
    },
    {
      "externalRegionId": "Datacenter:datacenter-3",
      "name": "wcp-test-dc"
    }
  ]
}

With the cloud account regions, create the vSphere+ cloud account named Cloud account creation without default cloud zones, "createDefaultZones":false . 

$ curl -X POST \
  '$url/iaas/api/cloud-accounts-vsphere/region-enumeration?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' \  
  --data-raw '{
    "hostName": "$hostname",
    "acceptSelfSignedCertificate": true,
    "associatedCloudAccountIds": [],
    "name": "Cloud account creation",
    "environment": "aap",
    "regions": [
        {
            "externalRegionId": "Datacenter:datacenter-53",
            "name": "test-dc"
        },
        {
            "externalRegionId": "Datacenter:datacenter-3",
            "name": "wcp-test-dc"
        }
    ],
    "createDefaultZones": false
}' | jq "."
The response includes a selfLink for the request, for example 21740931-c76c-4f95-8a3e-8ea40cb2074e. 
{
  "progress": 0,
  "status": "INPROGRESS",
  "name": "Cloud account creation",
  "id": "21740931-c76c-4f95-8a3e-8ea40cb2074e",
  "selfLink": "/iaas/api/request-tracker/21740931-c76c-4f95-8a3e-8ea40cb2074e"
}

Track the request.

$ curl -X GET \
  '$url/iaas/api/request-tracker/21740931-c76c-4f95-8a3e-8ea40cb2074e/?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
When finished, the response includes the new cloud account ID, for example acca423d-b9fa-494c-8452-f2d9efe15f69. 
{
  "progress": 100,
  "status": "FINISHED",
  "resources": [
      "/iaas/api/cloud-accounts/acca423d-b9fa-494c-8452-f2d9efe15f69"
  ],
  "name": "Cloud account creation",
  "id": "21740931-c76c-4f95-8a3e-8ea40cb2074e",
  "selfLink": "/iaas/api/request-tracker/21740931-c76c-4f95-8a3e-8ea40cb2074e"
}
After full enumeration, the cloud account is ready to use. Use the cloud account ID to get details about the cloud account. 
$ curl -X GET \
  '$url/iaas/api/cloud-accounts-vsphere/acca423d-b9fa-494c-8452-f2d9efe15f69?apiVersion=2021-07-15'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' | jq "."
When the response shows imageEnumerationTaskState": "FINISHED" and "enumerationTaskState": "FINISHED", image synchronization and data enumeration are complete. 
...,
"customProperties": {
        "hostName": "sc2-10-184-81-252.eng.vmware.com",
        "acceptSelfSignedCertificate": "true",
        "lastImageEnumerationTimestampMicro": "1650567942698000",
        "version": "8.0.0",
        "buildNumber": "55223210",
        "lastSuccessfulImageEnumerationTimestampMicro": "1650567942698000",
        "lastSuccessfulEnumerationTimestampMicro": "1650567971775000",
        "imageEnumerationTaskState": "FINISHED",
        "dcId": "1ecc0d7a-2386-68bb-97fa-cb0d690c0196",
        "lastEnumerationTimestampMicro": "1650567971775000",
        "enumerationTaskState": "FINISHED",
        "wcpEnabled": "true",
        "environment": "aap",
        "privateKeyId": "[email protected]",
        "vcUuid": "a1f546f2-c234-4ccd-98b2-de896506f884"
    },
...

If you want to update the cloud account, you use a PATCH request. This example updates the name of the cloud account to Cloud account update.

$ curl -X PATCH \
  '$url/iaas/api/cloud-accounts-vsphere/region-enumeration?apiVersion=$api_version'
  --header 'Authorization: Bearer $access_token' \
  --header 'Content-Type: application/json' \  
  --data-raw '{
    "hostName": "$hostname",
    "acceptSelfSignedCertificate": true,
    "associatedCloudAccountIds": [],
    "name": "Cloud account update",
    "environment": "aap",
    "regions": [
        {
            "externalRegionId": "Datacenter:datacenter-53",
            "name": "test-dc"
        },
        {
            "externalRegionId": "Datacenter:datacenter-3",
            "name": "wcp-test-dc"
        }
    ],
    "createDefaultZones": false
}' | jq "."