vra-New-Account.ps1
description
Configure a new AWS account in VRA so that can use existing blueprints.
introduction
vmWare Realize Automation - Cloud Assembly (vra-cas) can be configured to deploy and manage (day-2) servers deployed in AWS. In order to effectively deploy servers using blueprints in VRA Service Broker requires configuration of approximately 20 different items. This project is automate that configuration and standarize configuration settings.
What it configures:
- AWS Cloud Account created
- Cloud zone confirmed
- Cloud zones tagged
- cz:accountname-aws-czRegion
- VRA Project created
- availibity zones tagged
- az:$FindcloudAccount.name +"-aws-"+ $FoundAZ.name
- subnets tagged and added to profile
- default admins added to project
- cloud zones added to project (for provisioning)
- availibity zones tagged
- image profiles updated to include new cloud zone(s)
- copies image profiles of a 'master' account
- duplicates are deleted.
- flavor profiles updated to include new cloud zone(s)
- copies image profiles of a 'master' account
- duplicates are deleted
- security groups are tagged
- sg:$FindExistingProject.name + "-aws-"+$roleTag.ToLower()
- roleTag is pulled from existing security group name
- Network profile created for each zone
- fabric networks identified and tagged
- network:$FindExistingProject.name+"-aws-"+ $FNroleTag.tolower() + "-"+ $ZoneName
- FindExistingProject is the project object found after the project is created.
- FNRoleTag is pulled directly from the fabric network based off the naming standard
- zoneName is the aws region name (ie us-west-2a)
- network profile tagged
- network-name:FindExistingProject.name+"-aws"
- fabric networks identified and tagged
- Storage profile created for each zone
- basic storage policy defined
- storage tagged
- storage:$FindcloudAccount.name+":"+$thisNewRegion.externalRegionId
- share blueprint repository from master
dependencies
- AWS account created and network resources configured using default naming standard.
- power user account
- Powershell v3 or greater
- VRA Cloud Assembly Admin account
usage
.\vra-new-account.ps1 -strAccountName "MyNewAWSEnvironment" -strCloudAccountAccessKey "abc123akjhsd" -strCloudAccountSecretKey "longpassword-to-be-entered-here"
parameters
name | purpose |
---|---|
strAccountName | Account name is populated throughout VRA. Needs to be unique as to not overlap other existing cloud accounts in VRA. This will become the Cloud Account name, project name, network profile names, and storage profile name. Value must not contain spaces, the script will remove them and change the value if present. |
strCloudAccountAccessKey | The access key is from an account that has been granted programatic access and "POWER USER" role to the new AWS account. |
strCloudAccountSecretKey | 'password' for the new AWS service account. |
contributing
This project is held in GitHub and follows standard feature branch workflow. If you wish to contribute to the development of this project, please reach out to the authors listed in the Authors section. You can always clone the project, make changes, and complete a pull request. However, without prior notice to the authors, pull requests will be rejected.