Highlighted
User Moderator
User Moderator

Subscription Payload

Jump to solution

Good day all,

I was taking a closer look at the payload properties that gets displayed in the logs when the subscription is called and noticed that my encrypted values are getting displayed in plain text in the logs.  Can anyone confirm if they are seeing that in their environment please?

Thanks

Steve

Steve Beaver VMware Communities User Moderator VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 ==== Co-Author of "VMware ESX Essentials in the Virtual Data Center" (ISBN:1420070274) from Auerbach Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/] Come follow me on twitter http://www.twitter.com/sbeaver **The Cloud is a journey, not a project.**
Tags (1)
1 Solution

Accepted Solutions
Highlighted
Immortal
Immortal

Or...j/k, I already had a subscription and scriptable task ready and waiting. So, yes, I confirm your observation.

pastedImage_0.png

Output in the log for a scriptable task that writes out all properties:

Chip.EncryptedProp01: VMware1!

Not good.

View solution in original post

0 Kudos
11 Replies
Highlighted
Immortal
Immortal
0 Kudos
Highlighted
User Moderator
User Moderator

7.3

Steve Beaver VMware Communities User Moderator VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 ==== Co-Author of "VMware ESX Essentials in the Virtual Data Center" (ISBN:1420070274) from Auerbach Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/] Come follow me on twitter http://www.twitter.com/sbeaver **The Cloud is a journey, not a project.**
0 Kudos
Highlighted
Immortal
Immortal

Can you give me something specific to test? I'll check it out on my end.

0 Kudos
Highlighted
User Moderator
User Moderator

Thank you that would be great.  Create a encrypted property for a VM that will trigger a subscription.  When the subscription runs the scriptable task that receives the payload will log all the values as well as the looping and logging all the virtual machine properties.  I am looking to see if you see the same results that I am in that the encrypted property you configured gets presented in the System.log as plain text.

Thanks for taking the time

Steve Beaver VMware Communities User Moderator VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 ==== Co-Author of "VMware ESX Essentials in the Virtual Data Center" (ISBN:1420070274) from Auerbach Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/] Come follow me on twitter http://www.twitter.com/sbeaver **The Cloud is a journey, not a project.**
0 Kudos
Highlighted
Immortal
Immortal

Ok, I'll whip up a test and get back to you. May be tomorrow morning, though.

0 Kudos
Highlighted
User Moderator
User Moderator

No worries!!  Thank again for your time

Steve Beaver VMware Communities User Moderator VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 ==== Co-Author of "VMware ESX Essentials in the Virtual Data Center" (ISBN:1420070274) from Auerbach Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/] Come follow me on twitter http://www.twitter.com/sbeaver **The Cloud is a journey, not a project.**
0 Kudos
Highlighted
Immortal
Immortal

Or...j/k, I already had a subscription and scriptable task ready and waiting. So, yes, I confirm your observation.

pastedImage_0.png

Output in the log for a scriptable task that writes out all properties:

Chip.EncryptedProp01: VMware1!

Not good.

View solution in original post

0 Kudos
Highlighted
User Moderator
User Moderator

OK thank you for the confirmation on this.  I am going to see if I can get some attention to this issue.  Thanks again for you help

Steve Beaver VMware Communities User Moderator VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 ==== Co-Author of "VMware ESX Essentials in the Virtual Data Center" (ISBN:1420070274) from Auerbach Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/] Come follow me on twitter http://www.twitter.com/sbeaver **The Cloud is a journey, not a project.**
0 Kudos
Highlighted
Enthusiast
Enthusiast

vRO does this too, if you run a System.log on a SecureString type it will put it in clear text in the log. To me it's obfuscated and not actually encrypted.

0 Kudos
Highlighted
Contributor
Contributor

Secure string is just like a password field, nothing to do with encrypting the string. just making it less readable over shoulders etc.

Highlighted
Hot Shot
Hot Shot

I faced the same issue. I was thinking about encrypting the value with vRO and push it back by EBS with virtualMachineAddOrUpdateProperties

Any other suggestions?

0 Kudos