Getting Started with Aria Automation & Terraform

Using Terraform to consume Aria Automation / VCF Automation is easy to configure and to get started, have a read of the below code snippets. This guide will cover the initial setup and configuration of the Aria Automation Terraform provider and assumes that you have the Terraform executable installed locally. If not, install locally following the HashiCorp documentation.

Part One of this guide will cover authenticating to the Aria Automation / VCF Automation instance.

To get started, the first file to create is provider.tf which will contain the configuration needed to setup the Aria Automation provider. The first code block in the provider.tf file is to tell terraform which providers are required for your terraform files. In this file we are defining that the terraform version installed must be at least 0.13 and the Aria Automation provider installed must be at least 0.11.0. Don\t worry, besides the Terraform installer, there isn't anything else to be installed by you.

1terraform {
2  required_version = ">= 0.13"
3  required_providers {
4    vra = {
5      source  = "vmware/vra"
6      version = "~> 0.11.0"
7    }
8  }
9}

The next part of the provider.tf file is to define the "vra" provider configuration, including the URL and authentication to Aria Automation. The provider configuration will reference a variable for the url and insecure options, and a data source for the access token.

1provider "vra" {
2  url           = var.url
3  access_token  = data.http.access_token
4  insecure      = var.insecure
5}

Below the provider configuration is two 'http' data blocks. The first data block is for the 'refresh token' which contains the username and password of the user that you want to use. The second data block is the 'access token' which is generated based on your refresh token.

 1data "http" "refresh_token" {
 2  url    = "${var.url}/csp/gateway/am/api/login?access_token"
 3  method = "POST"
 4  request_headers = {
 5    Content-Type = "application/json",
 6    Accept = "application/json"
 7  }
 8  request_body = jsonencode({
 9    username: var.username
10    password: var.password
11    domain:   var.domain
12  })
13}
14
15data "http" "access_token" {
16  url    = "${var.url}/iaas/api/login"
17  method = "POST"
18  request_headers = {
19    Content-Type = "application/json",
20    Accept = "application/json"
21  }
22  request_body = jsonencode({
23    refreshToken: data.http.refresh_token
24  })
25}

The providers.tf should now look like the below code snippet.

 1terraform {
 2  required_version = ">= 0.13"
 3  required_providers {
 4    vra = {
 5      source  = "vmware/vra"
 6      version = "0.11.0"
 7    }
 8  }
 9}
10
11provider "vra" {
12  url          = var.url
13  access_token = data.http.access_token
14  insecure     = var.insecure
15}
16
17data "http" "refresh_token" {
18  url    = "${var.url}/csp/gateway/am/api/login?access_token"
19  method = "POST"
20  request_headers = {
21    Content-Type = "application/json",
22    Accept       = "application/json"
23  }
24  request_body = jsonencode({
25    username : var.username
26    password : var.password
27    domain : var.domain
28  })
29}
30
31data "http" "access_token" {
32  url    = "${var.url}/iaas/api/login"
33  method = "POST"
34  request_headers = {
35    Content-Type = "application/json",
36    Accept       = "application/json"
37  }
38  request_body = jsonencode({
39    refreshToken : data.http.refresh_token
40  })
41}

In the code above, there are some references to variables which we haven't defined yet, so next, create a variables.tf file. Each variable block is created with the variable name, and it's best practice to define a description and type. For variables that won't be mandatory, also provide a default value.

 1# Input variable: url
 2variable "url" {
 3  description = "The URL of the Aria Automation / VCF Automation instance"
 4  type        = string
 5}
 6
 7# Input variable: insecure
 8variable "insecure" {
 9  description = "Should SSL verification be skipped? true = skip ssl verification"
10  type        = bool
11  default     = "false"
12}
13
14# Input variable: username
15variable "username" {
16  description = "Username of the user to authenticate to Aria Automation / VCF Automation"
17  type        = string
18  default     = "your_username"
19  sensitive   = true
20}
21
22# Input variable: password
23variable "password" {
24  description = "Password of the user to authenticate to Aria Automation / VCF Automation"
25  type        = string
26  default     = "your_password"
27  sensitive   = true
28}
29
30# Input variable: domain
31variable "domain" {
32  description = "Domain of the user to authenticate to Aria Automation / VCF Automation"
33  type        = string
34  default     = "System Domain"
35}

The final step is to define the values of each variable. To do this, create a variables.tfvars file and enter your variable values in the file, as per the example below. Remember, all *.tfvars files should not be stored in source control such as git, as the values will differ between environments.

1url                 = "https://vaa.homelab.local"
2insecure            = false
3username            = "configadmin"
4password            = "S3cur3P@ssw0rd!"

To test your terraform configurations are working, running the terraform init command to initialise the current directory and install the required providers. Once terraform has initialised, run terraform plan to confirm that no resources will be created. Once the plan has run successfully, run terraform apply to run your configuration.

comments powered by Disqus