In Part 3, we are going to look at auditing the different ways you can access the VCSA which includes direct console access (TTY1), Direct-Console UI (TTY2), whether the Bash Shell is enabled and remote SSH access. This is especially useful if you need to ensure certain interfaces like SSH is always disabled and you can even create scheduled task that would periodically run the PowerCLI script and generate either an email or some other notification when a particular access interface is enabled when it is not supposed to be.
VAMI UI Area of Focus
We will be retrieving the two access configurations properties shown in the VAMI UI today as well as two additional properties that are not displayed.
VAMI APIs Used
- GET /appliance/access/consoleui
- GET /appliance/access/dcui
- GET /appliance/access/shell
- GET /appliance/access/ssh
PowerCLI Function
Sample Output
The output is fairly straight forward, just boolean specifying whether each of the access types are either enabled or disabled. To make changes to any of these settings, you just need to use the PUT operation against the specific access endpoint that you wish to enable or disable. I will leave that as an exercise for the reader.
- Exploring new VCSA VAMI API w/PowerCLI: Part 1
- Exploring new VCSA VAMI API w/PowerCLI: Part 2
- Exploring new VCSA VAMI API w/PowerCLI: Part 3
- Exploring new VCSA VAMI API w/PowerCLI: Part 4
- Exploring new VCSA VAMI API w/PowerCLI: Part 5
- Exploring new VCSA VAMI API w/PowerCLI: Part 6
- Exploring new VCSA VAMI API w/PowerCLI: Part 7
- Exploring new VCSA VAMI API w/PowerCLI: Part 8
- Exploring new VCSA VAMI API w/PowerCLI: Part 9
- Exploring new VCSA VAMI API w/PowerCLI: Part 10
Hey William,
I have one doubt. As you know most of the thing about Vc.
Could you please help with - "how to retrieve thumbprint of VCenter using command line or API"
Thanks
Hi William,
Sorry but there are some 404 error when I try to download your module ... I have tried https://github.com/lamw/PowerCLI-Example-Scripts/blob/master/Modules/VAMI.psm1 & https://github.com/lamw/PowerCLI-Example-Scripts/blob/master/Modules/VAMI.psm1 ... It is the same ... Where can i download it ?
Thanks for all your shares !
The original repo (which I don't own) had changed the module paths and hence the old URLs no longer work. Here's the new URL https://github.com/lamw/PowerCLI-Example-Scripts/blob/master/Modules/VAMI/VAMI.psm1
Lam, look like all this command not working with 6.7 or something? I try this Get-VAMISUmmary on 6.7 the error ( the term is not recognized) is this each version of vcenter is different command?
Hi William, In regard to the Get-VAMIAccess function, you indicate "The output is fairly straight forward, just boolean specifying whether each of the access types are either enabled or disabled. To make changes to any of these settings, you just need to use the PUT operation against the specific access endpoint that you wish to enable or disable. I will leave that as an exercise for the reader."
While Get-VAMIAccess leverages Get-CISService, I can't figure out how PUT is leveraged to start / stop SSH. There is no Put-CISService command. Can you please provide an example on how to use the PUT command to manage access? Thank you!