Knowing the input/output format for each of the 8 operations (4 required and 4 optional) is helpful when implementing the action scripts. The skeleton implementation in the sample IPAM .zip is meant to be a reference tool. Use it at will and modify it as needed.
- Build, upload, and test your IPAM package after implementing each operation. You can deploy the newly created IPAM .zip into Automation Assembler by selecting .
- If everything is configured correctly, you are able to see the sample IPAM in the Providers list in the user interface. Select the newly added IPAM provider. The custom form defined in endpoint-schema.json is rendered in the user interface. Complete all mandatory fields and select a running environment (Extensibility On-Prem or for a public cloud such as AWS Lambda or Azure Functions) as described in the product documentation.
- For VMware Aria Automation SaaS, see Tutorial: Configuring a provider-specific external IPAM integration .
- For VMware Aria Automation on-prem, see Tutorial: Configuring a provider-specific external IPAM integration.
- Click Validate to trigger a new ABX action run. In a new tab, click . You should be able to see the newly created action run for the Validate Endpoint operation. Click on the action run to see the inputs it was called with.
- The context.request() can be used to execute REST requests against Automation Assembler. This is used for obtaining the auth credentials.
- The Deallocate IP operation contract requires that it must finish with success when asked to deallocate a non-existing IP address. This prevents failure in case an attempt is made from Automation Assembler to deallocate the same IP twice.
- The Allocate IP operation can handle multiple IP allocations in a single request. Failure in one of the consecutive allocations results in failure for the whole operation. Because the IPAM service is not transactional, the script is responsible for rolling back already allocated IPs.
You can implement the IPAM SDK so that integration authentication is performed by using a certificate instead of by using a username and password. You configure the SDK to work with certificate-based authentication by altering the endpoint-schema.json file as follows:
- Add "state": {"visible": false} in the privateKeyId field description to hide it from the custom form.
- Change the "privateKey" field display type from "passwordField" to "textArea".
- Add a "default" value under the Schema definition for Username so that it is populated with a default value of a non-null privateKeyId.
- Change the privateKey label to "Certificate".
- Rebuild the IPAM package to update the custom form for certificate-based authentication.
Note: You can ignore the auth_credentials["privateKeyId"] field.
When using certificate-based authentication, the certificate is encrypted with the VMware Aria Automation private key and stored in the VMware Aria Automation database.