In the vRealize Automation 8.1 API reference material. I wanted to go through the examples in the section for acquiring a token and verifying roles. I prefer Python and thought this may help others. With the code below, this should be a good starting point and make the other API calls in the documentation easier to convert to Python.
At the start of the Authenticate() function, you'll see that I'm using configparser to read a configuration file named config.ini. Place the configuration file into the same directory as the script.
Here is the relevant configuration I'm using for vRA:
file: config.ini
[vra user]
usrName=adm-user
usrPass=P@ssw0rd
usrTenant=corp.local
[vra server]
srvName=vm-vra.corp.local
At the start of the Authenticate() function, you'll see that I'm using configparser to read a configuration file named config.ini. Place the configuration file into the same directory as the script.
Here is the relevant configuration I'm using for vRA:
file: config.ini
[vra user]
usrName=adm-user
usrPass=P@ssw0rd
usrTenant=corp.local
[vra server]
srvName=vm-vra.corp.local
vRA will require a token when making RESTful API calls. The first function called in the script will acquire the necessary tokens. Once we have the access token, we can make the subsequent calls to acquire the Organization ID, Organization Roles and Organization Service Roles for the authenticated user.
The documentation states:
"To use the API, a vRealize Automation user must be an organization member with at least a user service role. You use the access token to verify user roles"
Here is the code derived from the API documentation:
vra-1.py
#!/usr/bin/python3
# vRA8.1 API Calls
import sys, os, time, configparser, json, requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
def Authenticate():
# Read Config parameters
config = configparser.ConfigParser()
config.read('config.ini')
#Your vROps environment parameters
usrName = config['vra user']['usrName']
usrPass = config['vra user']['usrPass']
usrTenant = config['vra user']['usrTenant']
srvName = config['vra server']['srvName']
global baseURL
baseURL = "https://" + srvName
vraURL = baseURL + "/csp/gateway/am/api/login?access_token"
apiJSON = {"username": usrName,"password": usrPass,"tenant":usrTenant}
apiHeaders = {"Content-Type":"application/json","Accept":"application/json"}
apiToken = requests.post(vraURL,data=json.dumps(apiJSON),headers=apiHeaders,verify=False)
refreshToken=apiToken.json()['refresh_token']
vraURL = baseURL + "/iaas/api/login"
accessJSON = {"refreshToken":apiToken.json()['refresh_token']}
accessHeaders = {"Content-Type":"application/json","Accept":"application/json"}
accessToken = requests.post(vraURL,data=json.dumps(accessJSON),headers=accessHeaders,verify=False)
return(accessToken.json()['token'])
def GetOrgId(token):
vraURL = baseURL + "/csp/gateway/am/api/loggedin/user/orgs"
authToken = "Bearer " + token
Headers = {"accept": "application/json", "authorization":authToken}
apiReq = requests.get(vraURL,headers=Headers,verify=False)
return(apiReq.json()['items'][0]['id'])
def GetOrgRole(token,OrgId):
vraURL = baseURL + "/csp/gateway/am/api/loggedin/user/orgs/"+OrgId+"/roles"
authToken = "Bearer " + token
Headers = {"accept": "application/json", "authorization":authToken}
apiReq = requests.get(vraURL,headers=Headers,verify=False)
print("Org Id: " + apiReq.json()[0]['name'])
return(apiReq.json()[0]['name'])
def GetServiceRole(token,OrgId):
vraURL = baseURL + "/csp/gateway/am/api/loggedin/user/orgs/"+OrgId+"/service-roles"
authToken = "Bearer " + token
Headers = {"accept": "application/json", "authorization":authToken}
apiReq = requests.get(vraURL,headers=Headers,verify=False)
print("Service Roles:")
for x in range(len(apiReq.json()['serviceRoles'])):
for y in range(len(apiReq.json()['serviceRoles'][x]['serviceRoleNames'])):
print(apiReq.json()['serviceRoles'][x]['serviceRoleNames'][y])
# Script starts here
def main():
authToken=Authenticate()
OrgId = GetOrgId(authToken)
GetOrgRole(authToken,OrgId)
GetServiceRole(authToken,OrgId)
if __name__ == "__main__":
main()
The documentation states:
"To use the API, a vRealize Automation user must be an organization member with at least a user service role. You use the access token to verify user roles"
Here is the code derived from the API documentation:
vra-1.py
#!/usr/bin/python3
# vRA8.1 API Calls
import sys, os, time, configparser, json, requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
def Authenticate():
# Read Config parameters
config = configparser.ConfigParser()
config.read('config.ini')
#Your vROps environment parameters
usrName = config['vra user']['usrName']
usrPass = config['vra user']['usrPass']
usrTenant = config['vra user']['usrTenant']
srvName = config['vra server']['srvName']
global baseURL
baseURL = "https://" + srvName
vraURL = baseURL + "/csp/gateway/am/api/login?access_token"
apiJSON = {"username": usrName,"password": usrPass,"tenant":usrTenant}
apiHeaders = {"Content-Type":"application/json","Accept":"application/json"}
apiToken = requests.post(vraURL,data=json.dumps(apiJSON),headers=apiHeaders,verify=False)
refreshToken=apiToken.json()['refresh_token']
vraURL = baseURL + "/iaas/api/login"
accessJSON = {"refreshToken":apiToken.json()['refresh_token']}
accessHeaders = {"Content-Type":"application/json","Accept":"application/json"}
accessToken = requests.post(vraURL,data=json.dumps(accessJSON),headers=accessHeaders,verify=False)
return(accessToken.json()['token'])
def GetOrgId(token):
vraURL = baseURL + "/csp/gateway/am/api/loggedin/user/orgs"
authToken = "Bearer " + token
Headers = {"accept": "application/json", "authorization":authToken}
apiReq = requests.get(vraURL,headers=Headers,verify=False)
return(apiReq.json()['items'][0]['id'])
def GetOrgRole(token,OrgId):
vraURL = baseURL + "/csp/gateway/am/api/loggedin/user/orgs/"+OrgId+"/roles"
authToken = "Bearer " + token
Headers = {"accept": "application/json", "authorization":authToken}
apiReq = requests.get(vraURL,headers=Headers,verify=False)
print("Org Id: " + apiReq.json()[0]['name'])
return(apiReq.json()[0]['name'])
def GetServiceRole(token,OrgId):
vraURL = baseURL + "/csp/gateway/am/api/loggedin/user/orgs/"+OrgId+"/service-roles"
authToken = "Bearer " + token
Headers = {"accept": "application/json", "authorization":authToken}
apiReq = requests.get(vraURL,headers=Headers,verify=False)
print("Service Roles:")
for x in range(len(apiReq.json()['serviceRoles'])):
for y in range(len(apiReq.json()['serviceRoles'][x]['serviceRoleNames'])):
print(apiReq.json()['serviceRoles'][x]['serviceRoleNames'][y])
# Script starts here
def main():
authToken=Authenticate()
OrgId = GetOrgId(authToken)
GetOrgRole(authToken,OrgId)
GetServiceRole(authToken,OrgId)
if __name__ == "__main__":
main()
No comments:
Post a Comment