Release Versions

About VMware Aria Automation

Before you begin

VMSA-2024-0017 security advisory and patch

VMware Aria Automation 8.18.1 What's New

• Full name display in UI

  Full usernames for Resources, Deployments and Policy are now available in the VMware Aria Automation UI in addition to user IDs. Enable the visibility of this settings under the administration and user columns from the Manage Column button on the left lower corner. The same support for Catalog, Content Source, and Content is available through the API.

• Removed migration support for VMware Aria Automation 7.x to 8.x and NSX-V to NSX-T

  Following the previous announcement of deprecation, this release officially removes the migration assistant and as a result, the following capabilities are no longer supported:

  1. Migration from vRealize Automation 7.x to VMware Aria Automation 8.x

  2. Migration from NSX-V to NSX-T

• Include DGCM Exporter by default in Deep Learning VM

  Starting with the current release, the DCGM-Exporter will be included by default as part of the Deep Learning VM (DLVM) image. DCGM-Exporter is an exporter for Prometheus that monitors the company health and retrieves metrics from the GPUs. It leverages DCGM using Go bindings to collect GPU telemetry and exposes GPU metrics to Prometheus using an HTTP endpoint (/metrics).

• Support for Data Services Manager Private AI Automation Services

  Starting this release, the Catalog Setup Wizard will generate three additional items. 

  • DSM (Data Services Manager) Database: deploys a new instance of the PostgreSQL cluster which can be used as a datastore for RAG applications.

  • AI RAG Workstation with DSM: installs a GPU-enabled deep learning VM with the necessary NVIDIA software and a PostgreSQL database to run RAG workflows. 

    • Connect to a remote PostgreSQL Database instance 

    • Instantiate a new PostgreSQL database instance through DSM  

  • AI Kubernetes RAG Cluster with DSM: installs a GPU-enabled Tanzu Kubernetes Grid (TKG) Cluster with the necessary NVIDIA software and a PostgreSQL database to run RAG workflows.

  • Users of "AI RAG Workstation with DSM" and "AI Kubernetes RAG Cluster with DSM" catalog items can either connect to an existing PostgreSQL database or create a new database.

  For detailed instructions on using the Catalog Setup Wizard and deploying the three new catalog items, see the product documentation.

• Pick TKR versions in PAIF QS

  Starting this release, the Catalog Setup Wizard will allow users to pick from up to three supported versions of Tanzu Kubernetes Runtimes (TKR) to be used in Catalog items. For detailed instructions on picking the TKR runtimes, see the product documentation.

• Updates to the supervisor namespace classes and regions

  This feature introduces the ability to create, update, and delete supervisor namespace classes in the VMware Aria Automation Assembler UI. Supervisor namespace classes are used to create supervisor namespaces used for the Cloud Consumption Interface in VMware Aria Automation Service Broker. You can also use Automation Assembler to delete supervisor regions. Supervisor regions are used to group multiple supervisors. Previously, this was only possible through the K8S CLI.

• Ability to control the placement of on-demand NSX security groups by using tag constraints

  This feature provides an ability to provision on-demand NSX security groups and explicitly control placement of those groups in specific NSX managers by using tag constraints.

• NSX network and security group automation with discovered resources from NSX Projects and VPCs

  This release supports discovery of networking and security resources from NSX environments configured with multi-tenancy including networks and security groups from NSX projects and VPCs.

  Administrators can then assign these resources to network profiles and subsequently leverage them in VMware Aria Automation cloud templates to support network and multi-tier application automation use cases.

  Note: There is no change in credentials required to connect to the NSX manager.

• Onboarding of vSphere namespaces to be used in the Cloud Consumption Interface

  In VMware Aria Automation Assembler, administrators can now onboard vSphere namespaces from discovered supervisor clusters under connected vCenter cloud accounts. These are the namespaces that are not created by VMware Aria Automation.

  When vSphere namespaces are onboarded, all running services and objects (VM, TKGs cluster, Volume, images, and so on) become visible in the Cloud Consumption Interface under VMware Aria Automation Service Broker.

• Handle reconciliation for VMs that are part of a vMotion migration within and across vCenter instances

  VMware Aria Automation now automatically reconciles the changes to your virtual machines after vMotion migration. The supported scenarios include:

  • Migration within the same vCenter

  • Migration across different vCenter instances

  • Migration across NSX-T networks

  VMware Aria Automation now also includes a new event topic Compute post migration reconcile status, which is initiated after a VM is reconciled. The event topic includes the status of the VM reconciliation in VMware Aria Automation and the destination details of the migrated VM.

• Audit logging in VMware Aria Automation with CSV export

  You can now export an CSV file containing your audit log. You can search the audit log for specific events, event type, and date ranges and save events as a CSV file.

  The following are the restrictions in downloading the CSV file:

  • CSV download (0 byte file) might not work if the file size is greater than 300 MB.  However, you can still access this file from the log bundle. The location of the log bundle is /services-logs/prelude/ebs-app/file-logs/. Larger CSV files should be accessed from the VMware Aria Automation CLI log.

  • The date range for the CSV file download is kept at 12 months maximum to avoid larger file sizes.

  • Because the CSV file generation is a resource intensive task, only one file generation job can be submitted at a given time. After this job is completed, the next job can be submitted.

• Code Stream availability notice for VCF 9.0

  Code Stream is continuous integration and continuous delivery (CI/CD) tool used to build pipelines that model the software release process in DevOps lifecycle. Code Stream is part of the VMware Aria Automation suite. Starting with VCF 9.0, Code Stream will no longer be available. There is no equivalent functionality in VCF and it is recommended that customers leverage open source tools.

• Improvements to the cloud template designer

  The following enhancements are made to cloud template designer:

  • Collapse / expand – YAML code in right panel (code panel). The right panel is larger by default.

  • Search – you can now search for anything and highlight matches.

• Improvements to the cloud template designer for handling supervisor resources

  With the addition of supervisor resources, cloud templates are becoming more and more complex. Many resources are nested within each other. The cloud template designer has the following enhancements for supervisor resources:

  • Provide resource nesting view to show parent/child relations.

  • Visualize nesting parent/child layout for resources in the topology.

  • Highlight related bound inputs/variables when selecting a resource.

• Improvements to disk ordering in the storage view

  Previously, the disk ordering in the VMware Aria Automation deployment storage view were listed in a random order rather than being sorted by unit number. 

  This approach could create problematic scenarios particularly when virtual machines (VMs) have a large number of disks, as the disk with the last unit number might be shown in the list. 

  This feature provides ability to:

  • Sort the disks by unit number by default.

  • Provide sorting on each column so disks can also be sorted by name, capacity, type, encryption, and controller key unit number.

• Support 64 disks on Paravirtual SCSI (PVSCSI) controller

   VMware Aria Automation had a limitation when attempting to deploy certain application types that need a large number of disks or add disks. This is because VMware Aria Automation only supports up to 14 disks per controller, while Virtual Center supports up to 64 disks. 

  Now VMware Aria Automation supports up to 64 disks per controller at the deployment phase and for adding disks.

• Automation Orchestrator 8.18.1 What's New
• Resolved Issues
• Known Issues

VMware Aria Automation 8.18 What's New

• The VMware Remote Control Application (VMRC) console proxy is updated to support WebMKS

  Previously, you could not use VMRC day 2 actions from VMware Aria Automation on-prem to communicate with vSphere 8+ instances. This is because vSphere 8+ only supports communication over WebMKS while MKS, used by older vSphere versions, is deprecated. For more information, go to KB 93070.

  Starting with this release, VMware Aria Automation on-prem will use WebMKS as the default communication method between VMRC and vSphere 7+ and 8+ instances. The console proxy abstracts the underlying vCenter as the connections are now proxied. The workaround for on-prem instances mentioned in the above KB article is no longer needed. It is recommended that users start planning their upgrade to the current product version along with upgrading to vSphere 8+.

• Content library filtering improvements to the Catalog Setup Wizard

  Starting this release, Catalog Setup Wizard has made the following improvements that provide a better VM image browsing experience. 

  • Users can now filter the list of available Deep Learning VM images by specifying a content library name.

  • Content related to Tanzu Kubernetes Grid (TKG) is now excluded from the search results which reduces the search term clutter.

• Split catalog items for the Catalog Setup Wizard

  Starting this release, the Catalog Setup Wizard creates five catalog items for better usability.

  • AI Workstation: Installs a GPU-enabled deep learning VM. 

  • AI RAG Workstation: Installs a GPU-enabled deep learning VM with all necessary NVIDIA software to run a RAG workflow. 

  • Triton Inferencing Server: Installs a GPU-enabled deep learning VM with NVIDIA Triton Inferencing Server.

  • AI Kubernetes Cluster: Installs a GPU-enabled Tanzu Kubernetes Grid (TKG) Cluster.  

  • AI Kubernetes RAG Cluster: Installs a GPU-enabled Tanzu Kubernetes Grid (TKG) Cluster with all necessary NVIDIA software to run a RAG workflow in production. 

  For detailed instructions on using the Catalog Setup Wizard and deploying the five catalog items, see the product documentation.

• Automatic installation of the TKG RAG operator

  Starting from this release, the AI Kubernetes Cluster catalog item will automatically install the NVIDIA Retrieval Augmented Generation (RAG) Kubernetes operator in addition to the NVIDIA GPU operator. Catalog users now have access to a fully functional Tanzu Kubernetes Cluster that is capable of running RAG workloads. Users will be required to manually install any sample RAG applications.   

• Air-gapped support for Non-RAG workloads on DLVM

  Starting this release, the Catalog Setup Wizard now provides options to configure a private registry and specify HTTP/HTTPs proxy configurations. Non-RAG NVIDIA containers and vGPU drivers can now be stored in locations that are not accessible through the internet. This capability enables the deployment of the following catalog items on a deep learning VM in air-gapped environments:

  • PyTorch

  • TensorFlow

  • Triton Inference Server

  • CUDA samples

  For detailed instructions on using the Catalog Setup Wizard and using air-gapped environments, see the product documentation.

• New workflow for the Launchpad in VMware Aria Automation

  A new workflow is available to help users getting started or use as shortcuts in VMware Aria Automation. You can leverage this workflow to increase time-to-value by skipping the manual required steps to publish VM images from vCenter to catalog items for end user consumption.

  • Auto-discover images from a cloud account

  • Automatically associate cloud zone to a project

  • Automatically create cloud templates based on the discovered image

  • Automatically version and release cloud templates

  • Automatically create a content source

  • Automatically validate a project to pull catalog updates

  • Automatically create a content sharing policy based on user choice of project name

  • Assign users to a project or catalog

  • Optional step to select network and storage for the VM (if skipped, network and storage will be allocated randomly)

  For detailed instructions on using the Launchpad in VMware Aria Automation, see the product documentation.

• Set the storage priority for storage profiles and datastores

  You can now set the priority for storage profiles and datastores to specify the order of datastores to be picked among all the eligible datastores. This allows users to place VMs in a specific cluster based on the set priority. This feature modifies the current behavior where multiple datastores eligible for placement are selected based on the available capacity.

• Cloud template assignment with compliance for onboarding deployments

  A new feature in onboarding plans allows cloud administrators to assign a template to an onboarded deployment. There are three ways to associate a cloud template to an onboarded deployment:

  1. No cloud template associated.

  2. For visual only, to allow a cloud template link on the deployment but not assigned with compliance.

  3. Fully assigned by each virtual machine with compliance and can operate the update action using the assigned template.

  To assign the cloud template and make the onboarded deployment compliant, follow the steps below:

  1. Select a relevant cloud template.

  2. Map every machine resource in the template to a VM by selecting discovered VMs from the machine selection page.

  3. Validate and run the onboarding plan.

  Note: Onboarding compliance only supports Cloud.Machine and Cloud.vSphere.Machine resource types and their attached disks and networks. Onboarding no longer supports automatic generation of cloud templates. Administrators can either onboard with an existing template or without a template.

  For more information about onboarding, go to What are onboarding plans in Automation Assembler.

• Dark mode added in VMware Aria Automation

  A beta version of Dark mode is now available for VMware Aria Automation Identity and Access Management. You can switch between Light and Dark mode from the preferences under the My account page. For more information, go to How do I set my preferences for VMware Aria Automation.

• Reduced set of languages for localization

  Beginning with the next major release, we will be reducing the number of supported localization languages. The three supported languages will be:

  • Japanese

  • Spanish

  • French

  The following languages will no longer be supported:

  • Italian

  • German

  • Brazilian

  • Portuguese

  • Traditional Chinese

  • Korean

  • Simplified Chinese

  Impact:

  • Customers who were using the deprecated languages will no longer receive updates or support in these languages.

  • All user interfaces, help documentation, and customer support will be available only in English or in the three supported languages mentioned above.

• Update Provisioning Service to call Active Directory (AD) during project change

  In previous releases, users who delete a project or use the Change Project feature while having an active AD integration would receive a 403 Forbidden error. These scenarios occur because Active Directory does not listen for events coming from the Project Service. The AD integration is now updated to track these project changes.

• New location of the default runtime container image in the Terraform runtime integration

  In the Terraform runtime integration, the location of the default runtime container image is being changed. The new image location is projects.packages.broadcom.com/vra/terraform:latest. The previous location projects.registry.vmware.com/vra/terraform:latest will be inaccessible.

  Only the location is changing. The content of the image remains the same.

  If you are running any instances of VMware Aria Automation with an existing Terraform runtime integration, you must change the image location to projects.packages.broadcom.com/vra/terraform:latest or the runtime integration will fail.

• Deprecation in Storage Profiles properties

  The storage profiles properties 'Shares' and 'Limit IOPS' are being deprecated to align with deprecation strategy in vSphere. These properties will be removed in a future release.

• Automation Orchestrator 8.18 What's New
• Resolved Issues
• Known Issues

VMware Aria Automation 8.17 What's New

• New VMware Aria Automation home page

  A new user dashboard is now part of the VMware Aria Automation home page to help users navigate through complex architectures as part of Automation Assembler for administrators. Whether a user is new to VMware Aria products, or they are a seasoned VMware Aria Automation user, they can find the dashboard useful for the following scenarios:

  • Provide an overview for cloud environments by segment and VM status.

  • Visualize an inventory summary broken down by cloud zone and projects.

  • Visualize a deployment summary with upcoming lease policy changes and recently expired policies.

  • Review recent in-product notifications and respond to requests directly.

  Note: The home page is the default landing page for Automation Assembler only if the administrator does not have a cloud account in the organization. Otherwise, the default landing page is the Resources page in Automation Assembler. For more information, go to How do I get started with Automation Assembler using the VMware Aria Automation Launchpad.

• New Launchpad added to the VMware Aria Automation home page

  A new Launchpad is now available for users who are getting started with VMware Aria Automation or want shortcut access to commonly used actions. You can perform easy-to-learn use cases using the two guided workflows. The Launchpad covers the following use cases:

  • Add a cloud account: use your credentials to validate and link cloud accounts.

  • Apply lease expiration: create a lease policy to enforce resource expiration.

  For more information, go to How do I get started with Automation Assembler using the VMware Aria Automation Launchpad.

• Cloud Consumption Interface (CCI) Supervisor namespace, TKG, and other resource support in the Automation Assember design canvas

  CCI on-prem was released in VMware Aria Automation 8.16.1. The current release introduces support for defining multi-tier applications in Automation Assembler templates by leveraging Supervisor namespaces, TKG clusters, and any other CCI resources. You can now run a catalog item containing CCI resources that was prepared by an administrator. This capability brings together CCI and the rest of VMware Aria Automation capabilities around Infrastructure as Code (IaC) and governance with policies. For more information, go to Automating Kubernetes-based workloads in Automation Assembler.

• Integrating a single VMware Aria Operations on-prem instance with multiple VMware Aria Automation on-prem tenants

  A single VMware Aria Operations instance can now integrate with multiple VMware Aria Automation tenants running on the same on-premises appliance.

• Day 2 action for unregistering a cluster of VMs

  Unregister day2 action is supported for cluster of VMs. Note that the action is unavailable on a single VM within a cluster that shares disk or disk cluster with other VMs.

• Increased number of private cloud accounts in VMware Aria Automation

  With this release, we are increasing the number of supported private cloud accounts in VMware Aria Automation from 50 to 100. For more information, go to Scalability and Concurrency Maximums.

• Content sharing policy now supports scope at the organization level and also enables role-based access control

  Starting this release, the content-sharing policy supports two enhancements:

  1. The ability to share content across the entire organization by setting the scope as Organization. The organization-scoped policies only affect shared VMware cloud templates (VCT).

  2. A Role-based access entitlement. This feature allows for content sharing between users based on their set roles.  The roles can be project administrators, project members, and named custom roles.

  These enhancements significantly streamline content sharing and access control within the organization. For more information, go to How do I configure Automation Service Broker content sharing policies.

• New Active Directory (AD) error messages when changing projects

  When invoking the Change Project action on a deployment that is associated with an Active Directory integration, there are certain scenarios that will cause validation errors.

  When the source project is associated with an AD integration, but the target project is not associated with an AD integration. In such cases, you receive the following error message:

  "Target project is not associated with AD integration".

  To resolve this error, the target project must be associated with an AD integration that has the same organizational unit.

  Another possible scenario occurs when both the source project and the target project are associated with an AD integration, but the AD integration is not part of the same organizational unit. In such cases you receive the following error message:

  "The properties(OU, BaseDN) associated with the project did not match the project".

  To resolve this error, the organizational unit of the target project must be changed, or a new AD integration must be made to associate with the same organization unit.

• Announcing intent to deprecate specific Kubernetes automation capabilities

  VMware by Broadcom is announcing the planned deprecation of Kubernetes integration capabilities, including the TKG integration and TMC integration documented under How do I work with Kubernetes in Automation Assembler. The actual deprecation and removal of these capabilities from the product will happen in a future release. Customers are encouraged to adopt the Cloud Consumption interface (CCI) and vSphere TKG IaaS service. For more information on CCI, go to Getting Started with the Cloud Consumption Interface in Automation Service Broker.

• Announcing intent to remove deprecated automation capabilities

  VMware by Broadcom wants to remind customers that the following capabilities are deprecated and scheduled to be removed from VMware Aria Automation in a future release:

  • Support for NSX-V

  • Support for NSX-T Manager Mode

  • Support for NSX-V to NSX-T migration

  • Migration Assistant for vRealize Automation 7.6 to VMware Aria Automation 8.0 and later

  • Migration Assistant for NSX-V to NSX-T

  • Support for the VMware Aria Automation integration with vCloud Director

  Any customer currently leveraging these capabilities in VMware Aria Automation should make plans to stop using the relevant functionality.

• Announcing intent to remove support of vCenter 6.x

  VMware by Broadcom wants to remind customers that the support for vCenter 6.x will be removed from VMware Aria Automation in a future release. Any customer currently using vCenter 6.x cloud accounts in VMware Aria Automation should make plans to upgrade to a supported version of vCenter.

• Automation Orchestrator 8.17 What's New
• Resolved Issues
• Known Issues

API Documentation and Versioning

• VMware Aria Automation 8.18.1 | October 2024 API Changes
• VMware Aria Automation 8.18 | July 2024 API Changes

GET /codestream/api/endpoint-certificate

"creator": { 
        "id": "[email protected]", 
        "firstname": "Example", 
        "lastname": "User", 
        "email": "[email protected]", 
        "type": "USER" }

"template": { 
  "name": "cloud_template_name", 
  "link": "/blueprint/api/blueprints/template_ID_string", 
  "components": { 
    "/resources/compute/resource_ID_string_1": "Cloud_vSphere_Machine_1", 
    "/resources/compute/resource_ID_string2": "Cloud_vSphere_Machine_2"

Previous Known Issues

• Password length issue when using Kerberos authentication

  After Automation Orchestrator is upgraded, if the deployment is in FIPS mode, some plug-in endpoints configured with Kerberos authentication stop working and you receive the following error message in the logs:

  org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: password must be at least 112 bits

  Workaround: Use longer and stronger passwords, with at least 14 characters, to satisfy the FIPS requirements.

• Issues with importing Automation Orchestrator workflows

  You can experience issues importing an Automation Orchestrator workflow into the VMware Aria Automation catalog content sources if the workflow inputs or fields include the "project" ID element as it is a system property. Having the ID added to the workflow inputs or fields can cause you to receive an error message similar to the following: “Error downloading catalog item ‘/workflow/<workflowId>’ (Error: Content provider error).”.

  Note: This issue is only valid for “project” ID elements manually added to workflows. It does not relate to automatically generated project fields created when a workflow or cloud template is imported into Service Broker.

  Workaround: Remove the "project" ID element from the workflow inputs or fields.

• You receive a error status code 500 when a extensibility action content source has its "shared" field value as NULL

  When your project includes extensibility actions, the number of items shown on the Content Source page includes fewer actions than the total number of actions included in the project. For example, you might see five out of ten actions shown in the Number of items field and red exclamation mark next to it. This means that not all actions are synchronized in the content source and that the problematic actions are not available for use in the Catalog.

  Workaround: See KB 93437.

• Unsupported Kerberos authentication for the PowerShell plug-in

  The PowerShell Plug-in for VMware Aria Automation Orchestrator does not support Kerberos authentication when used in FIPS mode because of security restrictions on the required security provider.

  When used with older versions of Automation Orchestrator in FIPS mode, using Kerberos authentication in the PowerShell plug-in is not recommended as it can break the FIPS compliance.

  Workaround: Use the Run Script In Guest workflow to run a PowerShell script inside the virtual machine.

• Using Python scripts with the latest version of the requests library or urllib3 v2 client causes extensibility actions to fail with a "urllib3 v2.0 only supports OpenSSL 1.1.1+" error.

  The latest version of requests library and urllib3 v2 currently cannot be used in extensibility actions, as these dependencies require an OpenSSL version later than 1.1.1.

  Workaround: In the dependencies text box of the extensibility action editor, specify a version of the request library that is earlier than 2.29.0, or if you are using urllib3, specify a version that is earlier than 2.

• Service and role names are replaced with old values when deploy.sh is ran for second time

  This important issue has been identified with the Aria Automation 8.12 release. Refer to KB 92018 for more details before upgrading or installing.

• You might receive a error if your custom form field includes regex constrains

  If your custom form includes one or more fields with a regex constraint, you can receive a error message similar to the following: "Some data cannot be retrieved. If the problem persists, contact your system administrator. Failed request: <action name>”.

  Workaround: Ensure that the regex adheres to both Java and JavaScript compliance standards. When this adjustment is made, the issue is resolved.

• Complex custom forms do not load take more than 10 minutes to load

  For complex custom forms with hundreds of fields and complicated default value rules, there might be a slow down to render the form. In most cases the longer rendering time is not noticeable, while the more complex the form is, the slow down can be significant.

  No workaround.

• After upgrading, if the deployment specifies a boot disk size that is less than the image boot disk size, the deployment will fail.

  This known issue occurs when upgrading to 8.11.1 and later.

• Some services are not accessible after associating a tenant with Aria Automation 8.12 through LCM

  After associating a tenant with VMware Aria Automation 8.12 through LCM, users may not be able to access the following services:

  • Assembler

  • Migration Assistant

  • Pipelines

  • Config 

  Workaround:

  1. Login to the tenant as a user with Organization Owner privileges.

  2. Under Identity & Access Management, click the Active Users tab.

  3. Select the affected user and click Edit Roles.

  4. To grant the user access to Assembler and Migration Assistant, click Add Service Access and select Cloud Assembly.

  5. To grant the user access to Pipelines, click Add Service Access and select Code Stream.

  6. To grant the user access to Config, click Add Service Access and select SaltStack Config.

• Delete operation for day 2 actions fails when deleting a pool from a deployment that depends on a virtual service

  If an Avi load balancer resource, such as a health monitor, is used by two pools in different deployments, deleting the health monitor from one of the deployments will fail with a "false" error.

  The failure to delete the resource is valid as the health monitor is referenced by multiple pools. However, the error displayed in VMware Aria Automation is not descriptive. The error displayed in the Avi load balancer is more detailed and shows why the delete operation failed.

  No workaround.

• You receive a validation error when an action input is bound to the Project field

  When a catalog item with custom forms has an external action that has the Project field as an input, this can cause an error. Opening the catalog item, the action run fails with the one of the following error messages: “Cannot execute external actions due to validation errors [Request info field with name: 'project' does not exist.];” or Some data cannot be retrieved. If the problem persists, contact your system administrator. Failed request: <action name>.

  Workaround: Do not explicitly pass the project field as an action input. When an Automation Orchestrator action run is started, the project ID is implicitly passed as a context parameter. Instead of having an input for the project in the action, use the “_projectId” context parameter.

  For example, if the Automation Orchestrator action receives one input called "project":

  1. Remove that input, and in the action script, create a variable called "project" and assign it with the following context parameter value: var project = System.getContext().getParameter("_projectId").

  2. Save the action.

  3. In the catalog item custom form designer, re-select the updated action.

  4. Save the modified custom form.

• The CMX agent needs to support all Spring Boot supported metrics so that alerts can be created

  Now that the CMX service has moved to Spring Boot, it needs to support all metrics, particularly "system_cpu_usage", and needs to push them to Wavefront. Without this, alerts cannot be created in Wavefront when the CPU usage crosses the threshold.

  No workaround.

• The Change Project process fails for multi-tenant environments in deployments with remote access

  This issue can occur if your deployment includes remote access with an authentication type other than publicPrivateKey. Other authentication types store their authentication credentials link and during the change project action, the remote access credentials are set with the tenant organization. The compute description is patched but with the owner context (because of reenterWithOwnerAuthContext logic) and have a provider organization. The authentication credentials are set in the tenant organization, but it is changed to the provider organization and the patch request fails with IllegalAccess exception.

  Workaround:

  A potential workaround is to update the cloud templates from which the deployments are created to use publicPrivateKey authentication type for remote access.

  remoteAccess:
    authentication: publicPrivateKey
    sshKey: ${input.sshKey}
    username: root 

• Workflows for Aria Automation user interaction times out if there is no response for a long time

  Manual user interactions cannot be answered from Aria Automation if more than 24 hours have passed, however, they can still be answered from Automation Orchestrator. On an attempt to answer the manual user interaction from Aria Automation, this error message appears:

  "Could not process request due to: Could not find information about request ID: '<request id>' for resource: '<resource id>'"

• The Automation Orchestrator debugger does not step into sub-actions

  The Automation Orchestrator action debugger does not step into inner actions called using the System.getModule(module).action() method.

  Workaround: Use the root action as the only element in a new workflow and debug the workflow using the workflow debugger.

• Intermittent behavior where servers are not added to a pool when using existing security groups

  When associating an NSX security group to an Avi load balancer pool, the reference to this security group must be the full path of the security group as seen in NSX.

  No workaround.

• Deploying an NSX Load Balancer with persistence configuration fails if values for required fields are not specified

  When deploying an NSX load balancer with a route that includes persistence configuration, the VMware Aria Automation Template displays all possible fields under properties > routes > persistenceConfig. You must specify values for all required fields as follows:

  • For PersistenceConfig.type = COOKIE, specify values for the following fields:

    • cookieMode

    • cookieGarble

  • For PersistenceConfig.type = SOURCE_IP, specify a value for ipPurge.

  • Do not use PersistenceConfig.type = NONE.

  If a value is missing for any required field, the deployment will fail.

  For more information about resource schema for the Cloud.NSX.LoadBalancer > routes > persistenceConfig, go to Aria Automation SaaS Resource Type Schema.

  No workaround.

• The "sseapi-config auth" command throws errors in VMware Aria Automation Config SaaS

  The "sseapi-config auth" command can be used to view the fingerprint IDs of the Master Key.  Currently, this command does not work for VMware Aria Automation Config SaaS.

  No workaround.

• Drop-down menu values do not get reset to the last selected value if the action is re-triggered

  In cases where the valueOptions (dropdown, multiSelect, dualList, combobox, and others) are controlled by an external source, you might encounter this situation:

  1. You select a value from the drop-down menu.

  2. An action triggers, causing the menu to have zero options.

  3. The originally selected value is cleared from the UI control but is available on request.

  Workaround: Explicitly select the empty value if available.

• Virtual Machine (VM) deployments fail with "Getting virtual machine on NSX-T policy endpoint"

  Special characters cannot be used in the name of a VM when NSX tags are used.

  No workaround.

• When creating an instance, creating disks with labels fails due to unexpected snake case transformation

  This is a bug that is a part of a very unlikely scenario. 

  On instance creation, when a user attempts to create an instance with disks, using initialize_params and assigns labels to that disk that contain snake case format (ex. "first_key": "first_value"), the key will be converted to "firstKey" which is not a valid label format. 

  It is recommended to add the labels separately using the disk resource, or use an underscore in the label key.

• Inconsistent performance tier information for Azure machine when managed disk is resized using day 2 actions

  When an Azure disk with a Premium managed disk is resized with day 2 actions in Aria Automation, the baseline performance tier is updated accordingly in the Azure portal. However, the performance tier remains the same in the template in the Aria Automation custom properties. This leads to inconsistent performance tier information.

  No workaround.

• Deleted actions appear for helpers

  Unsupported delete actions appear for helpers such as CloudZoneAllocationHelper and CustomNamingHelper.

  No workaround.

• vCenter machines are showing with an Automatic Private IP Addressing (APIPA) IP as the primary IP

  The APIPA IP is an IPv4 address that is assigned to a machine when the DHCP server in the system is not reachable. The address is within the following range: from 169.254.0.1 through 169.254.255.254. When this occurs, the VMware Aria Automation algorithm is incorrectly selecting the APIPA IP address as the primary IP address for the machine that appears in the VMware Aria Automation UI. This is true for both discovered and deployed machines. 

  VMware Aria Automation shows the APIPA IP as the primary IP address of the vCenter machine because the algorithm for determining the primary IP address failed to filter out these IPs. 

  No workaround.

• Integrate plug-in version 0.21.0 into project Flagman

  In cloud templates for idem.gcp resources, users should use type_ and not type.

  There are two different identified cases:

  In instance -> network_interfaces, the property type_ can easily be mistaken and written as type. If type is used, VMware Aria Automation does not notify the user (as expected), but the property is skipped over and the wanted value is not set.

  network_interfaces:
          - access_configs:
              - kind: compute#accessConfig
                name: External NAT
                network_tier: PREMIUM
                set_public_ptr: false
                type_: ONE_TO_ONE_NAT
            kind: compute#networkInterface
            name: nic0
            network: https://www.googleapis.com/compute/v1/projects/tango-gcp/global/networks/default
            stack_type: IPV4_ONLY
            subnetwork: https://www.googleapis.com/compute/v1/projects/tango-gcp/regions/us-central1/subnetworks/default 

  The other use case is in disk. The last property type_ can easily be mistaken and written as type. This leads to the same result as described above - the user is not notified in any way, the property is skipped over, and the value is set to the default value, not the specified value in the cloud template.

    Idem_GCP_COMPUTE_DISK_2:
      type: Idem.GCP.COMPUTE.DISK
      properties:
        name: e2e-idem-disk-2-${input.UUID}
        account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
        size_gb: 1
        project: ${resource.Allocations_Flavor_1.selectedCloudAccount.additionalProperties.gcp.project}
        zone: ${resource.Allocations_Compute_1.selectedPlacementCompute.name}
        type_: ${'/projects/' + resource.Allocations_Flavor_1.selectedCloudAccount.additionalProperties.gcp.project + '/zones/' + resource.Allocations_Compute_1.selectedPlacementCompute.id + '/diskTypes/pd-ssd'} 

   

  No workaround.

• Python packages not downloading from private registries that require setuptools

  When using a private python repository that is based on setuptools package, the dependencies cannot be downloaded.

• Creating instance with status other than RUNNING does not get applied

  When a new VM instance is created, the Google Compute Engine automatically provisions it in a RUNNING state, even when the deployment template specifies another desired runtime status (eg. TERMINATED).