Using VMware vRealize Automation, you can create a web portal to automate the deployment and management of applications on multicloud environments, such as vSphere, vCloud Director, and Amazon Web Services. The service catalog provides items that users can request.
There are some differences between using the REST API of NSX and the REST API of vRA. The REST API of vRA uses JavaScript Object Notation (JSON) instead of XML. Instead of basic authentication, the REST API of vRA uses a bearer token. You get a bearer token by authenticating to the vRA identity service.
Tip
To test the examples about vRealize Automation in this chapter, you can use the VMware Hands-On Lab HOL-1721-USE-1 - vRealize Automation 7 Basics or any other vRealize Automation Hands-On lab available on http://labs.hol.vmware.com/ . You can use the SEND TEXT button in the Hands-On Lab to send a text to the console. The button is on the upper left-hand side of your window.
In the following example, we will retrieve a bearer token for the [email protected] account in the vsphere.local tenant of the vra-01a.corp.local vRA server. First, we will save the server name, username, password, and tenant name in variables, using the following commands:
PowerCLI C:> $vRAServer = 'vra-01a.corp.local' PowerCLI C:> $Username = '[email protected]' PowerCLI C:> $Password = 'VMware1!' PowerCLI C:> $Tenant = 'vsphere.local'
We will create a JSON here-string to store the username, password, and tenant name in the variable $Body, as follows:
$Body = @"
{
"username":"$Username",
"password":"$Password",
"tenant":"$Tenant"
}
"@
The URI is saved in the variable $Uri, using the following command:
PowerCLI C:> $Uri = "https://$vRAServer/identity/api/tokens"
The Invoke-RestMethod cmdlet is called with the POST method, and the output is saved in the variable $Response, as follows:
PowerCLI C:> $Response = Invoke-RestMethod -Uri $Uri -Method POST
-Body $Body -ContentType 'application/json'
The bearer token is in the $Response.Id property. The bearer token is only valid for a specific time frame. The time the bearer token expires is in the $Response.Expires property. For convenience and later use, we create a pscustomobject containing the server name, token, token expiration time, tenant name, and username. The pscustomobject is saved in the variable $DefaultvRAServer, as follows:
$DefaultvRAServer = [pscustomobject]@{
Server = $vRAServer
Token = $Response.id
Expires = $Response.Expires
Tenant = $Response.tenant
Username = $Username
}
Finally, we create a new hash table containing the bearer token and save the hash table in the variable $Headers for later use, using the following command:
$Headers = @{
Accept = "application/json"
'Content-Type' = "application/json"
Authorization = "Bearer $($Global:DefaultvRAServer.Token)"
}
The line Accept = "application/json" specifies that the output of the Invoke-RestMethod call must be JSON. The line 'Content-Type' = "application/json" specifies that the body of the Invoke-RestMethod call is JSON.