VMware Cloud Community
KThorlund
Enthusiast
Enthusiast
‎12-12-2019 01:48 AM
Jump to solution

Conditions on XaaS Resource Action - Blueprint name - not possible?

Hello, 

I have been looking to set a condition on a XaaS Resource Action but cant find...

Many options are available, but dont find it possible to specify a condition which taget the blueprint name. 

E.g. i have a blueprint named "Linux Server", and wanna exclude an action on this one. All blueprints are avilable to the same buisness group. 

Can it be that I cant filter on blueprint name?

Regards, Kjled 

Reply
0 Kudos
1 Solution

Accepted Solutions
stevedrummond
Hot Shot
Hot Shot
‎12-15-2019 03:55 PM
Jump to solution

So I just had a look at filtering an action for Deployments.

Does Requested Catalog Item -> Name -> <equals/contains/filter>​ not meet your needs? Obviously the name of the Catalog Item is not always the same as the blueprint, but it should still be workable?

Edit: Just realised this won't work if you're using nested blueprints and want to filter the action out from the nested blueprints, as they all derive from the same catalog item. Can you not just use the filter Item Name? Provided you aren't using the static deployment name property vRA will be generating the name by using the blueprint name itself. This could be an issue on vRA 7.5+ as users can change the name of their deployment.

View solution in original post

Reply
0 Kudos
8 Replies
KocPawel
Hot Shot
Hot Shot
‎12-12-2019 04:46 AM
Jump to solution

I don't know if there is such option on XaaS Resource Action but i think you can do it on Entitlements (if you want exclude Action just create separate Entitlements for Business Group which does not include your action)

Reply
0 Kudos
KThorlund
Enthusiast
Enthusiast
‎12-12-2019 08:19 AM
Jump to solution

Thanks Pawel, 

thou, as stated in my initial post, my blueprints are available in the same business group, so it wil not be possible as you suggest. 

Reply
0 Kudos
stevedrummond
Hot Shot
Hot Shot
‎12-12-2019 02:09 PM
Jump to solution

You can definitely do it for machine resources. In the target dropdown its literally called Blueprint Name.

What is your XaaS Resource Action attached to? Another custom type?

Reply
0 Kudos
KThorlund
Enthusiast
Enthusiast
‎12-12-2019 11:46 PM
Jump to solution

Yes, I can specify the Blueprint Name when my input is an IaaS VC VirtualMachine. 

The Blueprint Name is not available when my input is of type Deployment. Which I believe is still based and built on my blueprint which should include the blueprint name...

Reply
0 Kudos
stevedrummond
Hot Shot
Hot Shot
‎12-15-2019 03:55 PM
Jump to solution

So I just had a look at filtering an action for Deployments.

Does Requested Catalog Item -> Name -> <equals/contains/filter>​ not meet your needs? Obviously the name of the Catalog Item is not always the same as the blueprint, but it should still be workable?

Edit: Just realised this won't work if you're using nested blueprints and want to filter the action out from the nested blueprints, as they all derive from the same catalog item. Can you not just use the filter Item Name? Provided you aren't using the static deployment name property vRA will be generating the name by using the blueprint name itself. This could be an issue on vRA 7.5+ as users can change the name of their deployment.

Reply
0 Kudos
KThorlund
Enthusiast
Enthusiast
‎12-16-2019 01:07 AM
Jump to solution

Perfect Steve, 

it did the trick!

Many thanks for your help. 

Reply
0 Kudos
KThorlund
Enthusiast
Enthusiast
‎12-16-2019 05:09 AM
Jump to solution

Steve, 

a second question from a noob... Do you know if it is possible to set up a conditions, which is true if the logged in user / executing use is the same as the owner on the deployment.  I got an action, which should only be possible to execute as long it is the owner... Or should I much such check into my vRO code?

Regards, Kjeld

Reply
0 Kudos
stevedrummond
Hot Shot
Hot Shot
‎12-16-2019 04:25 PM
Jump to solution

So I've just spent a little time looking and unfortunately I cannot see a way to do it.

There is a target criteria of Owners -> Users -> Principal ID. If you set the value to constant and put your UPN in it does successfully filter the action; however I could not find a way to dynamically target the logged in user. I even tried setting the value via the API (as the UI doesn't always show all possible values) but I couldn't get anything to work.

Unless someone else knows a way to do it, this leaves you with 3 options (in order of best User Experience):

  1. Have your XaaS form use logic that displays a text box if the person is not the owner that says they're not allowed to use the action. You can then manipulate the presentation properties so that Submit will never work for them. Determining the user once you're in the request is possible by binding to the field Request Info -> Requested By -> Principal ID (for XaaS) or #__username (for vRO presentation, which I recommend)
  2. Use an EBS PRE-ApprovalPolicy that inspects the requester versus owner and rejects as appropriate
  3. Do the inspection inside your Day-2 vRO workflow and throw an exception as appropriate

Hope that helps and please mark the previous answer as accepted if it met your needs.

Reply
0 Kudos