Hi all. I'd appreciate some advice on if what I'm trying to do can be done, and where I'm going wrong. I need a way for end-users to connect to a VM using VMRC without them needing their own login to the VRA console. I thought it would be possible using the API.
I am able to get resource actions using:
GET /api/consumer/resources/{resourceId}/actions/{resourceActionId}/requests/template
Partial output of the above:
"@type": "ConsumerResourceOperation",
"name": "Connect using VMRC",
"description": "Infrastructure connect using VMRC",
"iconId": "cafe_default_icon_genericResourceOperation",
"type": "EXTENSION",
"id": "bf83082c-682f-4c54-bc67-24d3b7eccb35",
"extensionId": "csp.places.iaas.item.nowindow.ConnectViaNativeVmrc",
"providerTypeId": null,
"bindingId": null,
"hasForm": false,
"formScale": null
},
{
"@type": "ConsumerResourceOperation",
"name": "Create Snapshot",
"description": "Create a snapshot for this machine.",
"iconId": "virtualCreateSnapshot.png",
"type": "ACTION",
"id": "a390dcbc-c3a7-4668-8246-69237e075605",
"extensionId": null,
"providerTypeId": "com.vmware.csp.iaas.blueprint.service",
"bindingId": "Infrastructure.Virtual.Action.CreateSnapshot",
"hasForm": true,
"formScale": "SMALL"
},
I can perform some actions by first getting the template using:
"type": "com.vmware.vcac.catalog.domain.request.CatalogResourceRequest",
"resourceId": "c92b2b7f-0cb3-4399-bb8c-e4d7896eb4dd",
"actionId": "a390dcbc-c3a7-4668-8246-69237e075605",
"description": null,
"reasons": null,
"data": {
"SnapshotInputDescription": null,
"SnapshotInputMemoryIncluded": null,
"SnapshotInputName": null
}
}
Then modify the JSON and post it to
The problem is that if I try to retrieve the request template for any of the connect actions (console, VMRC or SSH) I get this:
"errors": [
{
"code": 50505,
"source": null,
"message": "System exception.",
"systemMessage": null,
"moreInfoUrl": null
}
]
}
Any thoughts on if what I want to do is possible and how I could proceed?
I don't think that's going to work because of authentication. You can't just bypass that mechanism as it's not optional.
I would've thought - obviously stand open to correction - that authentication was necessary to generate the link (that bit will be handled server side by generating a bearer token using my credentials) - but that the link that was generated would be valid for the lifetime of the token? I've already had to authenticate to get the other request templates - it's only the 'connect' templates that are giving a 500 error.