WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Resources
    • Nested Virtualization
  • VMware Nostalgia
  • Apple
You are here: Home / Automation / Exploring new VCSA VAMI API w/PowerCLI: Part 10

Exploring new VCSA VAMI API w/PowerCLI: Part 10

03.14.2017 by William Lam // 2 Comments

In Part 10, we are going to take a look at local user management for the VAMI interface. By default, only the root local user exists but customers have the option of creating additional accounts. In vSphere 6.5, the VAMI has been enhanced to support different roles such as Admin, Operator and SuperAdmin. You can refer to the VAMI documentation on what each of the roles provides.

VAMI UI Area of Focus

There is not a VAMI UI for user management, this is currently only available using the VAMI REST APIs.

VAMI APIs Used

  • GET /appliance/techpreview/localaccounts/user
  • POST /appliance/techpreview/localaccounts/user
  • DELETE /appliance/techpreview/localaccounts/user/{user-id}

PowerCLI Function

  • Get-VAMIUser
  • New-VAMIUser
  • Remove-VAMIUser

Sample Output

To retrieve all VAMI users, use the Get-VAMIUser function. By default, your system will probably only have the root user unless you have already added additional VAMI users.


To create a new user, we will use the New-VAMIUser which requires a few input parameter that should be pretty self explanatory. The role parameter can be one of three values: admin, operator or superAdmin as defined in the VAMI documentation.

Here is an example of creating a new user called lamw:

New-VAMIUser -name lamw -fullname "William Lam" -role "operator" -email "*protected email*" -password "VMware1!"


If we now re-run our Get-VAMIUser command, we should see the new user that we had just created.


To remove a VAMI user, you simply use the Remove-VAMIUser and specify the name of the user you wish to remove. Below is an example of deleting the user we had just created.


One thing to note is that when using the Connect-CisServer cmdlet to interact with the VAMI REST API, it currently does not support connecting with local VAMI users, only SSO users. This is a limitation with the PowerCLI implementation and does not affect direct use of the VAMI REST API or using it through other SDKs. This is something that will be resolved in a future update of PowerCLI, so something to keep in mind as I was scratching my head when trying to use a local user to authenticate.

  • Exploring new VCSA VAMI API w/PowerCLI: Part 1
  • Exploring new VCSA VAMI API w/PowerCLI: Part 2
  • Exploring new VCSA VAMI API w/PowerCLI: Part 3
  • Exploring new VCSA VAMI API w/PowerCLI: Part 4
  • Exploring new VCSA VAMI API w/PowerCLI: Part 5
  • Exploring new VCSA VAMI API w/PowerCLI: Part 6
  • Exploring new VCSA VAMI API w/PowerCLI: Part 7
  • Exploring new VCSA VAMI API w/PowerCLI: Part 8
  • Exploring new VCSA VAMI API w/PowerCLI: Part 9
  • Exploring new VCSA VAMI API w/PowerCLI: Part 10

More from my site

  • Exploring new VCSA VAMI API w/PowerCLI: Part 9
  • Exploring new VCSA VAMI API w/PowerCLI: Part 8
  • Exploring new VCSA VAMI API w/PowerCLI: Part 7
  • Exploring new VCSA VAMI API w/PowerCLI: Part 6
  • Exploring new VCSA VAMI API w/PowerCLI: Part 5

Categories // Automation, PowerCLI, vSphere 6.5 Tags // PowerCLI, vami, vcenter server appliance, vSphere 6.5

Comments

  1. *protectedbigbluemike says

    10/23/2018 at 1:51 pm

    Hi William,

    love your site. I am trying to make myself familiar with VAMI Rest API. I am trying to create a PowerCLI script where I can modify the update URL on vSphere 6.7U1 VCSA /appliance/update/policy. I am taking your example of New-VAMIUser as an example to get me started. Can you explain $userAPI.Help.add.config.CreateExample() ? I can not find CreateExample() documented anywhere. I also don't understand the Help.add part. Where is that coming from? You also use $userAPI.add($createSpec), where is the method add coming from? Can you point me to documentation/API Explorer where these are documented? I am trying to make sense of it.

    Thank you very much!

    Mike

    Reply
  2. *protectedvMan says

    08/27/2020 at 5:30 am

    Thank you Mr Lam!! this has been very helpful for some work I am doing.

    Unfortunately it appears a few of these functions no longer work on 7.0.0 as they have changed the CisService from com.vmware.appliance.techpreview.localaccounts.user to com.vmware.appliance.local_accounts.

    I have proposed some updates to Get-VAMIUser, New-VAMIUser & Remove-VAMIUser but will also look at updating all the other "techpreview" in the future.

    For those interested if its not merged into the master see: https://github.com/lamw/PowerCLI-Example-Scripts/compare/master...vmanch:patch-1

    Reply

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025
  • Supported chipsets for the USB Network Native Driver for ESXi Fling 04/23/2025
  • vCenter Identity Federation with Authelia 04/16/2025
  • vCenter Server Identity Federation with Kanidm 04/10/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...