To remotely access a machine that vRealize Automation Cloud Assembly has deployed, you add properties, before deployment, to the cloud template for that machine.

For remote access, you can configure one of the following authentication options.

Note: In cases where keys need to be copied, you might also create a cloudConfig section in the cloud template, to automatically copy the keys upon provisioning. The specifics aren't documented here, but Machine initialization in vRealize Automation Cloud Assembly provides general information about cloudConfig.

Generate a key pair at provisioning time

If you don't have your own public-private key pair for remote access authentication, you can have vRealize Automation Cloud Assembly generate a key pair.

Use the following code as a guideline.

  1. In vRealize Automation Cloud Assembly, before provisioning, add remoteAccess properties to the cloud template as shown in the example.

    The username is optional. If you omit it, the system generates a random ID as the username.

    Example:

    type: Cloud.Machine
    properties:
      name: our-vm2
      image: Linux18
      flavor: small
      remoteAccess:
        authentication: generatedPublicPrivatekey
        username: testuser
    
  2. In vRealize Automation Cloud Assembly, provision the machine from its cloud template, and bring it to a started-up state.

    The provisioning process generates the keys.

  3. Locate the key name in the Deployments > Deployments > Topology properties.
  4. Use the cloud provider interface, such as the vSphere client, to access the provisioned machine command line.
  5. Grant read permission to the private key.

    chmod 600 key-name

  6. Go to the vRealize Automation Cloud Assembly deployment, select the machine, and click Actions > Get Private Key.
  7. Copy the private key file to your local machine.

    A typical local file path is /home/username/.ssh/key-name.

  8. Open a remote SSH session, and connect to the provisioned machine.

    ssh -i key-name user-name@machine-ip

Supply your own public-private key pair

Many enterprises create and distribute their own public-private key pairs for authentication.

Use the following code as a guideline.

  1. In your local environment, obtain or generate your public-private key pair.

    If you need it, here's some background on generating key pairs in Linux and Windows.

    For now, just generate and save the keys locally.

  2. In vRealize Automation Cloud Assembly, before provisioning, add remoteAccess properties to the cloud template as shown in the example.

    The sshKey includes the long alphanumeric found within the public key file key-name.pub.

    The username is optional and gets created for you to log in with. If you omit it, the system generates a random ID as the username.

    Example:

    type: Cloud.Machine
    properties:
      name: our-vm1
      image: Linux18
      flavor: small
      remoteAccess:
        authentication: publicPrivateKey
        sshKey: ssh-rsa Iq+5aQgBP3ZNT4o1baP5Ii+dstIcowRRkyobbfpA1mj9tslf qGxvU66PX9IeZax5hZvNWFgjw6ag+ZlzndOLhVdVoW49f274/mIRild7UUW... 
        username: testuser
    
  3. In vRealize Automation Cloud Assembly, provision the machine from its cloud template, and bring it to a started-up state.
  4. Using the cloud vendor client, access the provisioned machine.
  5. Add the public key file to the home folder on the machine. Use the key that you specified in remoteAccess.sshKey.
  6. Verify that the private key file counterpart is present on your local machine.

    The key is typically /home/username/.ssh/key-name with no .pub extension.

  7. Open a remote SSH session, and connect to the provisioned machine.

    ssh -i key-name user-name@machine-ip

Supply an AWS key pair

By adding an AWS key pair name to the cloud template, you can remotely access a machine that vRealize Automation Cloud Assembly deploys to AWS.

Be aware that AWS key pairs are region specific. If you provision workloads into us-east-1, the key pair must exist in us-east-1.

Use the following code as a guideline. This option works for AWS cloud zones only.

type: Cloud.Machine
properties:
  image: Ubuntu
  flavor: small
  remoteAccess:
    authentication: keyPairName
    keyPair: cas-test
constraints:
  - tag: 'cloud:aws'

Supply a username and password

By adding a username and password to the cloud template, you can have simple remote access to a machine that vRealize Automation Cloud Assembly deploys.

Although it is less secure, logging in remotely with a username and password might be all that your situation requires. Be aware that some cloud vendors or configurations might not support this less secure option.

  1. In vRealize Automation Cloud Assembly, before provisioning, add remoteAccess properties to the cloud template as shown in the example.

    Set the username and password to the account that you expect to log in with.

    Example:

    type: Cloud.Machine
    properties:
      name: our-vm3
      image: Linux18
      flavor: small
      remoteAccess:
        authentication: usernamePassword
        username: testuser
        password: admin123
    
  2. In vRealize Automation Cloud Assembly, provision the machine from its cloud template, and bring it to a started-up state.
  3. Go to your cloud vendor's interface, and access the provisioned machine.
  4. On the provisioned machine, create or enable the account.
  5. From your local machine, open a remote session to the provisioned machine IP address or FQDN, and log in with the username and password as usual.