Getting Started with Aria Automation & Terraform
Using Terraform to consume Aria Automation / VCF Automation is easy to configure and to get started, have a read of the below code snippets. This guide will cover the initial setup and configuration of the Aria Automation Terraform provider and assumes that you have the Terraform executable installed locally. If not, install locally following the HashiCorp documentation.
Part One of this guide will cover authenticating to the Aria Automation / VCF Automation instance.
To get started, the first file to create is provider.tf
which will contain the configuration needed to setup the Aria Automation provider. The first code block in the provider.tf
file is to tell terraform which providers are required for your terraform files. In this file we are defining that the terraform version installed must be at least 0.13 and the Aria Automation provider installed must be at least 0.11.0. Don\t worry, besides the Terraform installer, there isn't anything else to be installed by you.
1terraform {
2 required_version = ">= 0.13"
3 required_providers {
4 vra = {
5 source = "vmware/vra"
6 version = "~> 0.11.0"
7 }
8 }
9}
The next part of the provider.tf
file is to define the "vra" provider configuration, including the URL and authentication to Aria Automation. The provider configuration will reference a variable for the url and insecure options, and a data source for the access token.
1provider "vra" {
2 url = var.url
3 access_token = data.http.access_token
4 insecure = var.insecure
5}
Below the provider configuration is two 'http' data blocks. The first data block is for the 'refresh token' which contains the username and password of the user that you want to use. The second data block is the 'access token' which is generated based on your refresh token.
1data "http" "refresh_token" {
2 url = "${var.url}/csp/gateway/am/api/login?access_token"
3 method = "POST"
4 request_headers = {
5 Content-Type = "application/json",
6 Accept = "application/json"
7 }
8 request_body = jsonencode({
9 username: var.username
10 password: var.password
11 domain: var.domain
12 })
13}
14
15data "http" "access_token" {
16 url = "${var.url}/iaas/api/login"
17 method = "POST"
18 request_headers = {
19 Content-Type = "application/json",
20 Accept = "application/json"
21 }
22 request_body = jsonencode({
23 refreshToken: data.http.refresh_token
24 })
25}
The providers.tf
should now look like the below code snippet.
1terraform {
2 required_version = ">= 0.13"
3 required_providers {
4 vra = {
5 source = "vmware/vra"
6 version = "0.11.0"
7 }
8 }
9}
10
11provider "vra" {
12 url = var.url
13 access_token = data.http.access_token
14 insecure = var.insecure
15}
16
17data "http" "refresh_token" {
18 url = "${var.url}/csp/gateway/am/api/login?access_token"
19 method = "POST"
20 request_headers = {
21 Content-Type = "application/json",
22 Accept = "application/json"
23 }
24 request_body = jsonencode({
25 username : var.username
26 password : var.password
27 domain : var.domain
28 })
29}
30
31data "http" "access_token" {
32 url = "${var.url}/iaas/api/login"
33 method = "POST"
34 request_headers = {
35 Content-Type = "application/json",
36 Accept = "application/json"
37 }
38 request_body = jsonencode({
39 refreshToken : data.http.refresh_token
40 })
41}
In the code above, there are some references to variables which we haven't defined yet, so next, create a variables.tf
file. Each variable block is created with the variable name, and it's best practice to define a description and type. For variables that won't be mandatory, also provide a default value.
1# Input variable: url
2variable "url" {
3 description = "The URL of the Aria Automation / VCF Automation instance"
4 type = string
5}
6
7# Input variable: insecure
8variable "insecure" {
9 description = "Should SSL verification be skipped? true = skip ssl verification"
10 type = bool
11 default = "false"
12}
13
14# Input variable: username
15variable "username" {
16 description = "Username of the user to authenticate to Aria Automation / VCF Automation"
17 type = string
18 default = "your_username"
19 sensitive = true
20}
21
22# Input variable: password
23variable "password" {
24 description = "Password of the user to authenticate to Aria Automation / VCF Automation"
25 type = string
26 default = "your_password"
27 sensitive = true
28}
29
30# Input variable: domain
31variable "domain" {
32 description = "Domain of the user to authenticate to Aria Automation / VCF Automation"
33 type = string
34 default = "System Domain"
35}
The final step is to define the values of each variable. To do this, create a variables.tfvars
file and enter your variable values in the file, as per the example below. Remember, all *.tfvars files should not be stored in source control such as git, as the values will differ between environments.
1url = "https://vaa.homelab.local"
2insecure = false
3username = "configadmin"
4password = "S3cur3P@ssw0rd!"
To test your terraform configurations are working, running the terraform init
command to initialise the current directory and install the required providers. Once terraform has initialised, run terraform plan
to confirm that no resources will be created. Once the plan has run successfully, run terraform apply
to run your configuration.