In Part 3, we are going to look at auditing the different ways you can access the VCSA which includes direct console access (TTY1), Direct-Console UI (TTY2), whether the Bash Shell is enabled and remote SSH access. This is especially useful if you need to ensure certain interfaces like SSH is always disabled and you can even create scheduled task that would periodically run the PowerCLI script and generate either an email or some other notification when a particular access interface is enabled when it is not supposed to be.
VAMI UI Area of Focus
We will be retrieving the two access configurations properties shown in the VAMI UI today as well as two additional properties that are not displayed.
VAMI APIs Used
- GET /appliance/access/consoleui
- GET /appliance/access/dcui
- GET /appliance/access/shell
- GET /appliance/access/ssh
PowerCLI Function
Sample Output
The output is fairly straight forward, just boolean specifying whether each of the access types are either enabled or disabled. To make changes to any of these settings, you just need to use the PUT operation against the specific access endpoint that you wish to enable or disable. I will leave that as an exercise for the reader.
- Exploring new VCSA VAMI API w/PowerCLI: Part 1
- Exploring new VCSA VAMI API w/PowerCLI: Part 2
- Exploring new VCSA VAMI API w/PowerCLI: Part 3
- Exploring new VCSA VAMI API w/PowerCLI: Part 4
- Exploring new VCSA VAMI API w/PowerCLI: Part 5
- Exploring new VCSA VAMI API w/PowerCLI: Part 6
- Exploring new VCSA VAMI API w/PowerCLI: Part 7
- Exploring new VCSA VAMI API w/PowerCLI: Part 8
- Exploring new VCSA VAMI API w/PowerCLI: Part 9
- Exploring new VCSA VAMI API w/PowerCLI: Part 10