Forum Discussion

Vitor_Santos's avatar
3 years ago

VMware Velo Cloud - Refined modules (to permit usage of API Token instead of user/pass)


Due to recent requirements imposed by a customer of ours, we've refined the Velo Cloud module suite.
We've tweaked those to allow the usage of a generated API Token only (using the property -> velo.apitoken.key) & disregard the use of velo.user/velo.pass.

The reason behind this is the customer not wanting to share any creds to their infra (even if read-only), since he didn't wanted us to have GUI access.
The modules will collect the same exact metrics as the OOTB ones, only difference will be in the actual authentication.

In addition to the original suite, we've also created the addCategory_VeloCloudAPI_TokenStatus property source. This will allow the token to be renewed & having the resource updated on LM automatically (without any interaction from the end-user).
This is a required automation since VMware only allows to create tokens that are valid for up to 12 months & we don't want to miss/forget to renewing it. Since it would cause monitoring to fail. With that in mind we've came up with this PS.
However, to use this PS the velo.user needs to mapped (only the user) & it has to have more than read-only permissions too (required privileges are mentioned in their swagger page for the different API calls).

PS would require the following privilegies assigned to the user
    - CREATE
    - READ
    - UPDATE

The remaining modules work only with the velo.apitoken.key mapped, this is just if you want to renew the token in a automated way & make use of that extra PS (we've coded it to renew the token if <10 days for it to expire).

Despite those still being in security review - here you go

VMware_VeloCloud_EdgeLinkMetrics             - MTWGY4
VMware_VeloCloud_EdgeLinkEventQuality    - J7WKEF
VMware_VeloCloud_EdgeLinkHealth              - AWTYNE
VMware_VeloCloud_EdgeHealth                     - 4DPLLC

Property Source(s)
addCategory_VeloCloudAPI                          - RTCDA2
addERI_VMware_VeloCloud                          - ECDHXG
addCategory_VeloCloudAPI_TokenStatus    - EER7JK

Topology Source(s)
VMware_VeloCloud_Topology                      - CZ7AKJ

Hope this helps in case anyone has the same needs.

Thank you!