I don't know if there is such option on XaaS Resource Action but i think you can do it on Entitlements (if you want exclude Action just create separate Entitlements for Business Group which does not include your action)
thou, as stated in my initial post, my blueprints are available in the same business group, so it wil not be possible as you suggest.
You can definitely do it for machine resources. In the target dropdown its literally called Blueprint Name.
What is your XaaS Resource Action attached to? Another custom type?
Yes, I can specify the Blueprint Name when my input is an IaaS VC VirtualMachine.
The Blueprint Name is not available when my input is of type Deployment. Which I believe is still based and built on my blueprint which should include the blueprint name...
So I just had a look at filtering an action for Deployments.
Does Requested Catalog Item -> Name -> <equals/contains/filter> not meet your needs? Obviously the name of the Catalog Item is not always the same as the blueprint, but it should still be workable?
Edit: Just realised this won't work if you're using nested blueprints and want to filter the action out from the nested blueprints, as they all derive from the same catalog item. Can you not just use the filter Item Name? Provided you aren't using the static deployment name property vRA will be generating the name by using the blueprint name itself. This could be an issue on vRA 7.5+ as users can change the name of their deployment.
it did the trick!
Many thanks for your help.
a second question from a noob... Do you know if it is possible to set up a conditions, which is true if the logged in user / executing use is the same as the owner on the deployment. I got an action, which should only be possible to execute as long it is the owner... Or should I much such check into my vRO code?
So I've just spent a little time looking and unfortunately I cannot see a way to do it.
There is a target criteria of Owners -> Users -> Principal ID. If you set the value to constant and put your UPN in it does successfully filter the action; however I could not find a way to dynamically target the logged in user. I even tried setting the value via the API (as the UI doesn't always show all possible values) but I couldn't get anything to work.
Unless someone else knows a way to do it, this leaves you with 3 options (in order of best User Experience):
- Have your XaaS form use logic that displays a text box if the person is not the owner that says they're not allowed to use the action. You can then manipulate the presentation properties so that Submit will never work for them. Determining the user once you're in the request is possible by binding to the field Request Info -> Requested By -> Principal ID (for XaaS) or #__username (for vRO presentation, which I recommend)
- Use an EBS PRE-ApprovalPolicy that inspects the requester versus owner and rejects as appropriate
- Do the inspection inside your Day-2 vRO workflow and throw an exception as appropriate
Hope that helps and please mark the previous answer as accepted if it met your needs.