Credentials APIs
APIs for managing Credentials
Table of Contents
1. Get the Credentials
This API is used to fetch all credentials known to the system.
1.1. Prerequisites
The following data is required
Resource type, name, IP address, accountType or the domain name associated with the resource is required to filter the results. For allowable resource type values, refer : Get the Credentials API
"pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.
Get All Credentials in Page
1.2. Steps
- Invoke the API by specifying the "pageNumber" and "pageSize" filters.
Tip : Other filters like "resourceName" , "resourceIp" , "resourceType" and "domainName" can be additionally used as search criteria.
Tip : If no value for "pageNumber" and "pageSize" filters is specified, the API returns all known records in a single page.
Tip : Page number starts with 0.
Tip : A page size value equal to 0 will return all known records in a single page.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?pageNumber=0&pageSize=15' -i -X GET \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials?pageNumber=0&pageSize=15 HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 7871
{
"elements" : [ {
"id" : "a16de416-f865-4fc8-9e7c-06f6070e7439",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "a4836c53-1f05-489a-9907-83d68991c08c",
"resourceName" : "sfo01-m01-esx01.rainpole.io",
"resourceIp" : "10.0.0.100",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "f9716543-0a55-433f-a6c8-b2bb2519aafa",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "e597e4f4-21e7-48e8-865f-8e4bdc81ad53",
"resourceName" : "sfo01-m01-esx02.rainpole.io",
"resourceIp" : "10.0.0.101",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "9ef5e63f-2942-40e1-b365-4b1b10214ab7",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "ece995fb-e090-4b02-80e2-3ffc9f07700d",
"resourceName" : "sfo01-m01-esx03.rainpole.io",
"resourceIp" : "10.0.0.102",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "f76a8783-f553-417d-94c9-7f9e40260f73",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "a5e69364-fe73-475c-9dd6-88818ef8c25e",
"resourceName" : "sfo01-m01-esx04.rainpole.io",
"resourceIp" : "10.0.0.103",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "f6234b86-dcbb-41d6-b9e7-ac7efce48a66",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "531d54d6-41a6-438a-a47d-ab3ab98cf061",
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceIp" : "10.0.0.6",
"resourceType" : "VCENTER",
"domainName" : "MGMT"
}
}, {
"id" : "0b3b7f5c-caf8-4c53-ba82-a45ab6539e47",
"credentialType" : "SSO",
"accountType" : "USER",
"username" : "[email protected]",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "e6a7f451-0c46-4347-94f5-4948ad263df1",
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceIp" : "10.0.0.6",
"resourceType" : "PSC",
"domainName" : "MGMT"
}
}, {
"id" : "4ad9cac6-1b5f-45fe-99fc-94bd22132a82",
"credentialType" : "SSO",
"accountType" : "SERVICE",
"username" : "[email protected]",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "f86310c2-2878-40d1-a74d-873460d97e93",
"resourceName" : "sfo01m01vcenter01.sfo01.rainpole.local",
"resourceIp" : "10.0.0.6",
"resourceType" : "VCENTER",
"domainName" : "MGMT"
}
}, {
"id" : "4eba3ffd-e0ae-4cdf-95af-dbb1c48c24fc",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceIp" : "10.0.0.9",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
}
}, {
"id" : "1f890832-3eb9-4f24-bfa2-f535a2bc7dcb",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceIp" : "10.0.0.9",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
}
}, {
"id" : "172ba0f6-c2ac-4226-9dd6-0054b8b3a6a1",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.455Z",
"modificationTimestamp" : "2023-05-22T06:17:36.455Z",
"resource" : {
"resourceId" : "201a437c-7ef8-4ebf-8042-2d6dfd0cceff",
"resourceName" : "sfo-vrli01.rainpole.io",
"resourceIp" : "10.0.0.15",
"resourceType" : "VRLI",
"domainName" : "MGMT"
}
}, {
"id" : "0244b7c7-938e-442c-a57c-6105aac35291",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.456Z",
"modificationTimestamp" : "2023-05-22T06:17:36.456Z",
"resource" : {
"resourceId" : "ea7b7156-6489-43c6-bec7-2401d5128696",
"resourceName" : "sfo-vrli01b.rainpole.io",
"resourceIp" : "10.0.0.16",
"resourceType" : "VRLI",
"domainName" : "MGMT"
}
}, {
"id" : "776931d3-7d5a-4631-9b8e-109fca695823",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.456Z",
"modificationTimestamp" : "2023-05-22T06:17:36.456Z",
"resource" : {
"resourceId" : "6cfa7c0f-f7e2-48f2-a384-b2f0adada5d2",
"resourceName" : "xreg-vrops01a.rainpole.io",
"resourceIp" : "10.0.1.33",
"resourceType" : "VROPS",
"domainName" : "MGMT"
}
}, {
"id" : "4b9e6e4d-b056-4a05-9fff-6e1d6cb3b2b0",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.456Z",
"modificationTimestamp" : "2023-05-22T06:17:36.456Z",
"resource" : {
"resourceId" : "0c1b9283-c7a4-4c0e-b6ae-b0727396b7de",
"resourceName" : "xreg-vrops01.rainpole.io",
"resourceIp" : "10.0.0.31",
"resourceType" : "VROPS",
"domainName" : "MGMT"
}
}, {
"id" : "6c15351e-bf27-4589-aeb1-a01512a8a494",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.456Z",
"modificationTimestamp" : "2023-05-22T06:17:36.456Z",
"resource" : {
"resourceId" : "6c622f8a-aefe-4bdc-a78c-28d05a860aec",
"resourceName" : "xreg-vrslcm01.rainpole.io",
"resourceIp" : "10.0.0.32",
"resourceType" : "VRSLCM",
"domainName" : "MGMT"
}
}, {
"id" : "435a2c61-b1ac-4d41-b43a-ccdcc596078e",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin@localhost",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.456Z",
"modificationTimestamp" : "2023-05-22T06:17:36.456Z",
"resource" : {
"resourceId" : "419dbd02-9af6-43e6-a71a-2d1ab31746fe",
"resourceName" : "xreg-vrslcm01.rainpole.io",
"resourceIp" : "10.0.0.32",
"resourceType" : "VRSLCM",
"domainName" : "MGMT"
}
} ],
"pageMetadata" : {
"pageNumber" : 0,
"pageSize" : 15,
"totalElements" : 15,
"totalPages" : 1
}
}
Get All Credentials
1.3. Steps
- Invoke the API.
Tip : For a scaled environment, it is always recommended to provide "resourceType" filter for avoiding timeouts.
Tip : "pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X GET \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 7871
{
"elements" : [ {
"id" : "2f11fc07-6507-4edb-a713-7d86d30cf45d",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "3dce124f-a234-4631-865f-8b1413af9aac",
"resourceName" : "sfo01-m01-esx01.rainpole.io",
"resourceIp" : "10.0.0.100",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "f9716543-0a55-433f-a6c8-b2bb2519aafa",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "e597e4f4-21e7-48e8-865f-8e4bdc81ad53",
"resourceName" : "sfo01-m01-esx02.rainpole.io",
"resourceIp" : "10.0.0.101",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "eda11c65-3ab9-49f9-ac85-ff41e270cd34",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "1038e624-0683-4f3a-89c2-082964d57af7",
"resourceName" : "sfo01-m01-esx03.rainpole.io",
"resourceIp" : "10.0.0.102",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "5a7cb6b8-e91f-4fe5-bbf2-04a468d88285",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "a8e47c85-4edd-4307-9f89-8c9d1c767b61",
"resourceName" : "sfo01-m01-esx04.rainpole.io",
"resourceIp" : "10.0.0.103",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "08b20e97-c8f3-429f-baa2-33225d3cca08",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "531d54d6-41a6-438a-a47d-ab3ab98cf061",
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceIp" : "10.0.0.6",
"resourceType" : "VCENTER",
"domainName" : "MGMT"
}
}, {
"id" : "a5fbdb98-176b-496f-a0be-e6be2d5ae63a",
"credentialType" : "SSO",
"accountType" : "USER",
"username" : "[email protected]",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "0f1d2a95-0304-40b7-b16f-806c6b1d2f2e",
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceIp" : "10.0.0.6",
"resourceType" : "PSC",
"domainName" : "MGMT"
}
}, {
"id" : "fd7165a5-02d4-40d5-a03b-e0134c4d4518",
"credentialType" : "SSO",
"accountType" : "SERVICE",
"username" : "[email protected]",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "467efd92-9f04-477a-8a6a-dd050a28bcb0",
"resourceName" : "sfo01m01vcenter01.sfo01.rainpole.local",
"resourceIp" : "10.0.0.6",
"resourceType" : "VCENTER",
"domainName" : "MGMT"
}
}, {
"id" : "4eba3ffd-e0ae-4cdf-95af-dbb1c48c24fc",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceIp" : "10.0.0.9",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
}
}, {
"id" : "1f890832-3eb9-4f24-bfa2-f535a2bc7dcb",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceIp" : "10.0.0.9",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
}
}, {
"id" : "acc4739d-7578-451a-8dda-3f45066703bf",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "40f5e9dc-d83b-4b9c-ba89-3f676eb1175b",
"resourceName" : "sfo-vrli01.rainpole.io",
"resourceIp" : "10.0.0.15",
"resourceType" : "VRLI",
"domainName" : "MGMT"
}
}, {
"id" : "6f3a53dc-d593-4b10-94e0-eb655bc89637",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "fdfb47be-1d2d-42dc-9721-f96db5a1d8bf",
"resourceName" : "sfo-vrli01b.rainpole.io",
"resourceIp" : "10.0.0.16",
"resourceType" : "VRLI",
"domainName" : "MGMT"
}
}, {
"id" : "a45470d2-de15-4adc-b79c-703428ef3392",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "51efc92d-d040-472f-979d-9f6c8f5a30e1",
"resourceName" : "xreg-vrops01a.rainpole.io",
"resourceIp" : "10.0.1.33",
"resourceType" : "VROPS",
"domainName" : "MGMT"
}
}, {
"id" : "e507742d-590f-4177-98be-363e87c20116",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "f84fe924-3318-4d72-8340-6f2ede9c7814",
"resourceName" : "xreg-vrops01.rainpole.io",
"resourceIp" : "10.0.0.31",
"resourceType" : "VROPS",
"domainName" : "MGMT"
}
}, {
"id" : "247553f6-e07a-427e-b830-49150f4cd9e7",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.464Z",
"modificationTimestamp" : "2023-05-22T06:17:34.464Z",
"resource" : {
"resourceId" : "4f5f9653-6caf-450b-a0f2-0241999d008d",
"resourceName" : "xreg-vrslcm01.rainpole.io",
"resourceIp" : "10.0.0.32",
"resourceType" : "VRSLCM",
"domainName" : "MGMT"
}
}, {
"id" : "e869c567-9c5a-4b07-a473-81f68a167309",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin@localhost",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.465Z",
"modificationTimestamp" : "2023-05-22T06:17:34.465Z",
"resource" : {
"resourceId" : "136a6c56-b18d-4124-b10b-894683835dfa",
"resourceName" : "xreg-vrslcm01.rainpole.io",
"resourceIp" : "10.0.0.32",
"resourceType" : "VRSLCM",
"domainName" : "MGMT"
}
} ],
"pageMetadata" : {
"pageNumber" : 0,
"pageSize" : 15,
"totalElements" : 15,
"totalPages" : 1
}
}
Get Credentials by "resourceName"
This API can be used to fetch the credentials associated with a resource with a specific name.
1.4. Steps
- Invoke the API by specifying the "resourceName".
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?resourceName=sfo01-mo1-esx02.rainpole.io' -i -X GET \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials?resourceName=sfo01-mo1-esx02.rainpole.io HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 648
{
"elements" : [ {
"id" : "f9716543-0a55-433f-a6c8-b2bb2519aafa",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.406Z",
"modificationTimestamp" : "2023-05-22T06:17:36.406Z",
"resource" : {
"resourceId" : "e597e4f4-21e7-48e8-865f-8e4bdc81ad53",
"resourceName" : "sfo01-m01-esx02.rainpole.io",
"resourceIp" : "10.0.0.101",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
} ],
"pageMetadata" : {
"pageNumber" : 0,
"pageSize" : 1,
"totalElements" : 1,
"totalPages" : 1
}
}
Get Credentials by "resourceIp"
This API can be used to fetch the credentials associated with a resource with a specific IP address.
1.5. Steps
- Invoke the API by specifying the "resourceIp".
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?resourceIp=10.0.0.101' -i -X GET \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials?resourceIp=10.0.0.101 HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 648
{
"elements" : [ {
"id" : "f9716543-0a55-433f-a6c8-b2bb2519aafa",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.932Z",
"modificationTimestamp" : "2023-05-22T06:17:34.932Z",
"resource" : {
"resourceId" : "e597e4f4-21e7-48e8-865f-8e4bdc81ad53",
"resourceName" : "sfo01-m01-esx02.rainpole.io",
"resourceIp" : "10.0.0.101",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
} ],
"pageMetadata" : {
"pageNumber" : 0,
"pageSize" : 1,
"totalElements" : 1,
"totalPages" : 1
}
}
Get Credentials by "resourceType"
This API can be used to fetch the credentials associated with all the resources with a specific resource type.
1.6. Steps
- Invoke the API by specifying the "resourceType".
Tip : "pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?resourceType=ESXI' -i -X GET \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials?resourceType=ESXI HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2187
{
"elements" : [ {
"id" : "3e2f6026-9eeb-46ea-99f8-eb1dae7f0829",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.341Z",
"modificationTimestamp" : "2023-05-22T06:17:34.341Z",
"resource" : {
"resourceId" : "11e928d5-6f71-4cd9-be08-34039633cae4",
"resourceName" : "sfo01-m01-esx01.rainpole.io",
"resourceIp" : "10.0.0.100",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "f9716543-0a55-433f-a6c8-b2bb2519aafa",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.341Z",
"modificationTimestamp" : "2023-05-22T06:17:34.341Z",
"resource" : {
"resourceId" : "e597e4f4-21e7-48e8-865f-8e4bdc81ad53",
"resourceName" : "sfo01-m01-esx02.rainpole.io",
"resourceIp" : "10.0.0.101",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "018546b7-797c-4c80-a1d9-361f347fe23b",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.341Z",
"modificationTimestamp" : "2023-05-22T06:17:34.341Z",
"resource" : {
"resourceId" : "4778ddce-44f2-4468-bb44-21aa317fdf2e",
"resourceName" : "sfo01-m01-esx03.rainpole.io",
"resourceIp" : "10.0.0.102",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "00edd4b7-2d72-410e-aece-8401c9778868",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:34.341Z",
"modificationTimestamp" : "2023-05-22T06:17:34.341Z",
"resource" : {
"resourceId" : "f47c3c8e-e841-44e9-a07d-ce69f39cc87d",
"resourceName" : "sfo01-m01-esx04.rainpole.io",
"resourceIp" : "10.0.0.103",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
} ],
"pageMetadata" : {
"pageNumber" : 0,
"pageSize" : 4,
"totalElements" : 4,
"totalPages" : 1
}
}
Get Credentials by "domainName"
This API can be used to fetch the credentials associated with all the resources belonging to a specific domain.
1.7. Steps
- Invoke the API by specifying the "domainName".
Tip : "pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?domainName=MGMT' -i -X GET \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials?domainName=MGMT HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 7871
{
"elements" : [ {
"id" : "a4dd0497-66b1-43ca-9ca2-371330be7b09",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "c881ddac-0ab8-4eb7-9cbb-0c18c199027d",
"resourceName" : "sfo01-m01-esx01.rainpole.io",
"resourceIp" : "10.0.0.100",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "f9716543-0a55-433f-a6c8-b2bb2519aafa",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "e597e4f4-21e7-48e8-865f-8e4bdc81ad53",
"resourceName" : "sfo01-m01-esx02.rainpole.io",
"resourceIp" : "10.0.0.101",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "34597529-344b-47ba-8a57-3e93eed5b4fd",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "8ffd5fc8-b1bf-48ab-a0c5-126aaccd7c70",
"resourceName" : "sfo01-m01-esx03.rainpole.io",
"resourceIp" : "10.0.0.102",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "2fe8943e-2d49-4d57-b8e9-dac5b4dbef18",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "83cb95fb-b3d8-49ee-a27b-03bab8fe4be5",
"resourceName" : "sfo01-m01-esx04.rainpole.io",
"resourceIp" : "10.0.0.103",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}, {
"id" : "156f8bab-5461-4e92-a37e-6c1902d99bbb",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "531d54d6-41a6-438a-a47d-ab3ab98cf061",
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceIp" : "10.0.0.6",
"resourceType" : "VCENTER",
"domainName" : "MGMT"
}
}, {
"id" : "ee913c48-7a20-41b9-85f7-e0294e08cd0c",
"credentialType" : "SSO",
"accountType" : "USER",
"username" : "[email protected]",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "f90b9e34-3ebb-41ea-91d3-4f279dd4c553",
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceIp" : "10.0.0.6",
"resourceType" : "PSC",
"domainName" : "MGMT"
}
}, {
"id" : "adef5fa1-ba99-4afe-96e8-b248ca905158",
"credentialType" : "SSO",
"accountType" : "SERVICE",
"username" : "[email protected]",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "ccde0d84-f190-4a64-a7c3-7a2f37d1bb63",
"resourceName" : "sfo01m01vcenter01.sfo01.rainpole.local",
"resourceIp" : "10.0.0.6",
"resourceType" : "VCENTER",
"domainName" : "MGMT"
}
}, {
"id" : "4eba3ffd-e0ae-4cdf-95af-dbb1c48c24fc",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceIp" : "10.0.0.9",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
}
}, {
"id" : "1f890832-3eb9-4f24-bfa2-f535a2bc7dcb",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceIp" : "10.0.0.9",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
}
}, {
"id" : "f645789f-31f5-45c0-af12-26d815f4a220",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "84197e1d-7d45-4513-be23-a1bdbfe379da",
"resourceName" : "sfo-vrli01.rainpole.io",
"resourceIp" : "10.0.0.15",
"resourceType" : "VRLI",
"domainName" : "MGMT"
}
}, {
"id" : "777b92b5-3744-4363-96ba-556a4d207b3b",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "ebbe431a-ac18-441e-b1b1-11d9703a5d64",
"resourceName" : "sfo-vrli01b.rainpole.io",
"resourceIp" : "10.0.0.16",
"resourceType" : "VRLI",
"domainName" : "MGMT"
}
}, {
"id" : "5441cec0-a337-4d75-b79b-2027a1252132",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "d7d98b65-d6d5-4bec-bd42-77f0bfa15d22",
"resourceName" : "xreg-vrops01a.rainpole.io",
"resourceIp" : "10.0.1.33",
"resourceType" : "VROPS",
"domainName" : "MGMT"
}
}, {
"id" : "21113f24-7463-4c4f-b3d1-db29ff984699",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "3cd3c272-7da6-4c95-ae5f-3ff75cc84ca3",
"resourceName" : "xreg-vrops01.rainpole.io",
"resourceIp" : "10.0.0.31",
"resourceType" : "VROPS",
"domainName" : "MGMT"
}
}, {
"id" : "03bce173-4f07-48af-aab9-10ffb86bd3c9",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "74682f83-cc0c-42a1-b02a-89b52f82cd49",
"resourceName" : "xreg-vrslcm01.rainpole.io",
"resourceIp" : "10.0.0.32",
"resourceType" : "VRSLCM",
"domainName" : "MGMT"
}
}, {
"id" : "43a08117-a79b-46bc-9232-cee02983bb1e",
"credentialType" : "API",
"accountType" : "USER",
"username" : "admin@localhost",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.353Z",
"modificationTimestamp" : "2023-05-22T06:17:36.353Z",
"resource" : {
"resourceId" : "922ae1a2-8668-4a3d-adfd-328d7244c52d",
"resourceName" : "xreg-vrslcm01.rainpole.io",
"resourceIp" : "10.0.0.32",
"resourceType" : "VRSLCM",
"domainName" : "MGMT"
}
} ],
"pageMetadata" : {
"pageNumber" : 0,
"pageSize" : 15,
"totalElements" : 15,
"totalPages" : 1
}
}
Note : SSH services might be disabled for a few accounts. The user needs to enable SSH service in the product in order to use SSH credentials. In order to connect to the "enable" user of NSX_MANAGER, firstly enable SSH services using API credentials, connect to the API user and then enter enable mode using "enable" user credentials.
2. Get a Credential
This API is used to fetch credential for an ID.
2.1. Prerequisites
The following data is required
- ID of the credential
2.2. Steps
- Invoke the API.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/f9716543-0a55-433f-a6c8-b2bb2519aafa' -i -X GET \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials/f9716543-0a55-433f-a6c8-b2bb2519aafa HTTP/1.1
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 481
{
"id" : "f9716543-0a55-433f-a6c8-b2bb2519aafa",
"credentialType" : "SSH",
"accountType" : "USER",
"username" : "root",
"password" : "xxxxx",
"creationTimestamp" : "2023-05-22T06:17:36.147Z",
"modificationTimestamp" : "2023-05-22T06:17:36.147Z",
"resource" : {
"resourceId" : "e597e4f4-21e7-48e8-865f-8e4bdc81ad53",
"resourceName" : "sfo01-m01-esx02.rainpole.io",
"resourceIp" : "10.0.0.101",
"resourceType" : "ESXI",
"domainName" : "MGMT"
}
}
3. Update the Passwords
This API is used to update passwords for list of resources by supplying new passwords.
3.1. Prerequisites
The following data is required
Name or ID of the resource
Type of the resource
Credential type of the resource
Username of the resource
Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.
New password must be in compliance with these password policies.
Password requirements:
Note : Although individual VMware Cloud Foundation accounts support different password requirements, it is recommended that you set passwords following a common set of requirements across all accounts.
Length: 12-20 characters
Allowed special characters: ! @ # $ ^ *
At least 1 small letter, capital letter, number and special character should be present
Cannot include:
A dictionary word
A palindrome
More than four monotonic character sequences
Three same consecutive characters
3.2. Steps
- Trigger the task using the valid input specification.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"operationType" : "UPDATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root",
"password" : "xxxxx"
} ]
} ]
}'
HTTP Request
PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 257
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"operationType" : "UPDATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root",
"password" : "xxxxx"
} ]
} ]
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/tasks/4e9ea384-6155-4537-b7d2-167a06462c5d
Content-Type: application/json
Content-Length: 100
{
"id" : "4e9ea384-6155-4537-b7d2-167a06462c5d",
"name" : "UPDATE",
"status" : "IN_PROGRESS"
}
- Poll the status of the task using the task API with the ID from the response of the previous API.
Tip : Refer to: Get a Task or Get a Credentials Task.
- Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.
Tip : Refer to: Get a Task.
If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.
Tip : Refer to: Retry the Update Passwords Task.
Warning : The password once updated cannot be rolled back.
Note : The password is updated in the order of the input.
Note : The passwords of the dependent resources of the requested resources will also get updated.
4. Rotate the Passwords
This API is used to rotate passwords for list of resources using system generated passwords.
4.1. Prerequisites
The following data is required
Name or ID of the resource
Type of the resource
Credential type of the resource
Username of the resource
Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.
4.2. Steps
- Trigger the task using the valid input specification.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"operationType" : "ROTATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ]
}'
HTTP Request
PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 229
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"operationType" : "ROTATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ]
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/tasks/1e19244c-444d-4a35-8c3c-0175eb76315c
Content-Type: application/json
Content-Length: 100
{
"id" : "1e19244c-444d-4a35-8c3c-0175eb76315c",
"name" : "ROTATE",
"status" : "IN_PROGRESS"
}
- Poll the status of the task using the task API with the ID from the response of the previous API.
Tip : Refer to: Get a Task or Get a Credentials Task.
- Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.
Tip : Refer to: Get a Task.
If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.
Tip : Refer to: Retry the Rotate Passwords Task.
Warning : The password once rotated cannot be rolled back.
Note : The password is rotated in the order of the input.
Note : The generated password adheres to the password compliance. Refer to: Password Compliance Guide.
Note : The passwords of the dependent resources of the requested resources will also get rotated.
5. Retry the Update Passwords Task
This API is used to retry a failed update passwords task.
5.1. Prerequisites
The following data is required
ID of the last triggered failed update passwords task
Name or ID of the resource
Type of the resource
Credential type of the resource
Username of the resource
Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource and ID of the failed task.
- New password must be in compliance with the password policies.
Tip : Refer to: Password Compliance Guide.
5.2. Steps
- Trigger the task using the valid input specification.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/0a0cb6ff-f703-41b1-8aa7-e9d67cf60569' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"operationType" : "UPDATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root",
"password" : "xxxxx"
} ]
} ]
}'
HTTP Request
PATCH /v1/credentials/tasks/0a0cb6ff-f703-41b1-8aa7-e9d67cf60569 HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 257
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"operationType" : "UPDATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root",
"password" : "xxxxx"
} ]
} ]
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/tasks/0a0cb6ff-f703-41b1-8aa7-e9d67cf60569
Content-Type: application/json
Content-Length: 100
{
"id" : "0a0cb6ff-f703-41b1-8aa7-e9d67cf60569",
"name" : "UPDATE",
"status" : "IN_PROGRESS"
}
- Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.
Tip : Refer to: Get a Task or Get a Credentials Task.
If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed by providing previous credentials rotate specification or by amending the credentials rotate specification for FAILED resources.
Tip : Refer to: Retry the Update Passwords Task.
- The failed task can be cancelled.
Tip : Refer to: Cancel the Update/Rotate Passwords Task.
Warning : The password once updated cannot be rolled back.
Note : The password is updated in the order of the input.
Note : Retry should be performed if updating passwords task has failed.
Note : Retry should be performed on the same list of resources as in the failed operation specification.
Tip : Refer to: Get the Resource Credentials for Credentials Task for the list of resources in the failed task.
Note : The passwords of the dependent resources of the requested resources will also get updated.
6. Retry the Rotate Passwords Task
This API is used to retry a failed rotate passwords task.
6.1. Prerequisites
The following data is required
ID of the last triggered failed rotate passwords task
Name or ID of the resource
Type of the resource
Credential type of the resource
Username of the resource
Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource and ID of the failed task.
6.2. Steps
- Trigger the task using the valid input specification.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/78c31003-c119-49dd-896a-8dd99140371d' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"operationType" : "ROTATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ]
}'
HTTP Request
PATCH /v1/credentials/tasks/78c31003-c119-49dd-896a-8dd99140371d HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 229
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"operationType" : "ROTATE",
"elements" : [ {
"resourceName" : "sfo01-mo1-esx02.rainpole.io",
"resourceType" : "ESXI",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ]
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/tasks/78c31003-c119-49dd-896a-8dd99140371d
Content-Type: application/json
Content-Length: 100
{
"id" : "78c31003-c119-49dd-896a-8dd99140371d",
"name" : "ROTATE",
"status" : "IN_PROGRESS"
}
- Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.
Tip : Refer to: Get a Task or Get a Credentials Task.
If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed by providing previous credentials rotate specification or by amending the credentials rotate specification for FAILED resources.
Tip : Refer to: Retry the Rotate Passwords Task.
- The failed task can be cancelled.
Tip : Refer to: Cancel the Update/Rotate Passwords Task.
Warning : The password once rotated cannot be rolled back.
Note : The password is rotated in the order of the input.
Note : The generated password adheres to the password compliance. Refer to: Password Compliance Guide.
Note : Retry should be performed if some password rotation task has failed.
Note : Retry should be performed on the same list of resources as in the failed operation specification.
Tip : Refer to: Get the Resource Credentials for Credentials Task for the list of resources in the failed task.
Note : The passwords of the dependent resources of the requested resources will also get rotated.
7. Cancel the Update/Rotate Passwords Task
- This API is used to cancel a failed update or rotate passwords task.
7.1. Prerequisites
The following data is required
- ID of the last triggered failed update/rotate passwords task
Tip : Refer to: Get the Credentials Tasks section to get the ID of the failed task.
7.2. Steps
- Invoke the API.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/3ee1e62f-cfcf-4ac8-b038-2b215f1e6e81' -i -X DELETE \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
DELETE /v1/credentials/tasks/3ee1e62f-cfcf-4ac8-b038-2b215f1e6e81 HTTP/1.1
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 74
{
"id" : "3ee1e62f-cfcf-4ac8-b038-2b215f1e6e81",
"status" : "FAILED"
}
Warning : The password once updated or rotated cannot be rolled back.
Note : The password is updated or rotated in the order of the input.
Note : Cancel should be performed to release the internal global lock held at VCF instance level if some password updation or rotation task has failed after several retries.
8. Get the Credentials Tasks
This API is used to fetch all credentials tasks in reverse chronological order.
Note : "oldPassword " and "newPassword " fields won't be listed and will come as empty string. Refer Get a Credentials Subtask for fetching passwords details.
8.1. Prerequisites
None
8.2. Steps
- Invoke the API.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks' -i -X GET \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials/tasks HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1597
{
"elements" : [ {
"id" : "186d891f-aac3-4501-ae52-afb89eb7e32f",
"name" : "Credentials rotate operation",
"type" : "ROTATE",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"subTasks" : [ {
"id" : "acb6fa7b-a81b-41d8-bb53-0c1611609dd7",
"resourceName" : "vra01svr01a.rainpole.io",
"name" : "Password rotate for resource : vra01svr01a.rainpole.io, user : root and credential type : SSH",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"oldPassword" : "",
"newPassword" : "",
"entityType" : "VRA",
"username" : "root",
"credentialType" : "SSH"
}, {
"id" : "900e8ce0-4ff4-4a76-a7e0-8e44748aa46e",
"resourceName" : "vra01svr01b.rainpole.io",
"name" : "Password rotate for resource : vra01svr01b.rainpole.io, user : root and credential type : SSH",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"oldPassword" : "",
"newPassword" : "",
"entityType" : "VRA",
"username" : "root",
"credentialType" : "SSH"
}, {
"id" : "1b3b962d-fff7-4dcc-98ed-0a15b495afa5",
"resourceName" : "vra01svr01c.rainpole.io",
"name" : "Password rotate for resource : vra01svr01c.rainpole.io, user : root and credential type : SSH",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"oldPassword" : "",
"newPassword" : "",
"entityType" : "VRA",
"username" : "root",
"credentialType" : "SSH"
} ]
} ]
}
9. Get a Credentials Task
This API is used to fetch a credentials task for an ID.
Note : "oldPassword " and "newPassword " fields won't be listed and will come as empty string. Refer Get a Credentials Subtask for fetching passwords details.
9.1. Prerequisites
The following data is required
- ID of the credentials task
9.2. Steps
- Invoke the API.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f' -i -X GET \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1494
{
"id" : "186d891f-aac3-4501-ae52-afb89eb7e32f",
"name" : "Credentials rotate operation",
"type" : "ROTATE",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"subTasks" : [ {
"id" : "acb6fa7b-a81b-41d8-bb53-0c1611609dd7",
"resourceName" : "vra01svr01a.rainpole.io",
"name" : "Password rotate for resource : vra01svr01a.rainpole.io, user : root and credential type : SSH",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"oldPassword" : "",
"newPassword" : "",
"entityType" : "VRA",
"username" : "root",
"credentialType" : "SSH"
}, {
"id" : "900e8ce0-4ff4-4a76-a7e0-8e44748aa46e",
"resourceName" : "vra01svr01b.rainpole.io",
"name" : "Password rotate for resource : vra01svr01b.rainpole.io, user : root and credential type : SSH",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"oldPassword" : "",
"newPassword" : "",
"entityType" : "VRA",
"username" : "root",
"credentialType" : "SSH"
}, {
"id" : "1b3b962d-fff7-4dcc-98ed-0a15b495afa5",
"resourceName" : "vra01svr01c.rainpole.io",
"name" : "Password rotate for resource : vra01svr01c.rainpole.io, user : root and credential type : SSH",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"oldPassword" : "",
"newPassword" : "",
"entityType" : "VRA",
"username" : "root",
"credentialType" : "SSH"
} ]
}
10. Get the Resource Credentials for Credentials Task
This API is used to fetch resource credentials for a credentials task ID.
10.1. Prerequisites
The following data is required
- ID of the credentials task
Tip : Refer to: Get the Credentials Tasks to get the ID of credentials tasks.
10.2. Steps
- Invoke the API.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/resource-credentials' -i -X GET \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/resource-credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 557
[ {
"resourceName" : "vra01svr01a.rainpole.io",
"resourceType" : "VRA",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root",
"password" : "yyyyy"
} ]
}, {
"resourceName" : "vra01svr01b.rainpole.io",
"resourceType" : "VRA",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root",
"password" : "yyyyy"
} ]
}, {
"resourceName" : "vra01svr01c.rainpole.io",
"resourceType" : "VRA",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root",
"password" : "yyyyy"
} ]
} ]
11. Get a Credentials Subtask
This API is used to fetch details of a subtask corresponding to a credentials task ID and subtask ID.
11.1. Prerequisites
The following data is required
ID of the credentials task
ID of the credentials subtask
11.2. Steps
- Invoke the API.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/subtasks/acb6fa7b-a81b-41d8-bb53-0c1611609dd7' -i -X GET \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/subtasks/acb6fa7b-a81b-41d8-bb53-0c1611609dd7 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 650
{
"id" : "186d891f-aac3-4501-ae52-afb89eb7e32f",
"name" : "Credentials rotate operation",
"type" : "ROTATE",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"subTasks" : [ {
"id" : "acb6fa7b-a81b-41d8-bb53-0c1611609dd7",
"resourceName" : "vra01svr01a.rainpole.io",
"name" : "Password rotate for resource : vra01svr01a.rainpole.io, user : root and credential type : SSH",
"creationTimestamp" : "2018-11-05T05:15:32.864Z",
"status" : "SUCCESSFUL",
"oldPassword" : "xxxxx",
"newPassword" : "yyyyy",
"entityType" : "VRA",
"username" : "root",
"credentialType" : "SSH"
} ]
}
12. Remediate expired Passwords
If the password is expired, then the customer requires to manually reset the account in the product and then reach out to GSS to sync credentials store of VCF with new password for the product.
Hence this new API will accept the new password from the client, validates by testing the connectivity and then performs credentials store update. This API is generalized so that the same API can be used for both service accounts and user accounts.
For service accounts, Password will be auto rotated post rememdiaton with correct password.
Please note: Credentials store sync is irreversible operation, ie when credentials store sync is successful and password rotation failed due to other issues, then we wont be reverting credentials store with older non working password.
12.1. Prerequisites
The following data is required
Name or ID of the resource
Type of the resource
Username of the resource
Working password of the resource
Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.
12.2. Steps
- Trigger the task using the valid input specification.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"operationType" : "REMEDIATE",
"elements" : [ {
"resourceName" : "sfo01m01esx02.sfo01.rainpole.local",
"resourceType" : "ESXI",
"credentials" : [ {
"username" : "root",
"password" : "xxxxx"
} ]
} ]
}'
HTTP Request
PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 235
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"operationType" : "REMEDIATE",
"elements" : [ {
"resourceName" : "sfo01m01esx02.sfo01.rainpole.local",
"resourceType" : "ESXI",
"credentials" : [ {
"username" : "root",
"password" : "xxxxx"
} ]
} ]
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/tasks/7725fd3f-4491-40f9-a350-d14c575136b7
Content-Type: application/json
Content-Length: 103
{
"id" : "7725fd3f-4491-40f9-a350-d14c575136b7",
"name" : "REMEDIATE",
"status" : "IN_PROGRESS"
}
- Poll the status of the task using the task API with the ID from the response of the previous API.
Tip : Refer to: Get a Task or Get a Credentials Task.
- Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.
Tip : Refer to: Get a Task.
If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.
Tip : Refer to: Retry the Rotate Passwords Task.
Warning : The password once rotated cannot be rolled back.
Note : Currently we support only one credential at a time for remediation.
Note : The password is rotated in the order of the input.
Note : The generated password adheres to the password compliance. Refer to: Password Compliance Guide.
Note : The passwords of the dependent resources of the requested resources will also get rotated.
13. Configure auto-rotate schedule for Credentials
This API is used to configure schedule for auto-rotate of the passwords for the list of selected credentials.
13.1. Prerequisites
The following data is required
Name or ID of the resource
Type of the resource
Credential type of the resource
Username of the resource
enableAutoRotatePolicy refers to property for enable/disable the auto-rotate schedule
frequencyInDays refers to frequency in number of days for auto-rotate schedule
Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.
13.2. Steps
Trigger the task using the valid input specification.
set enableAutoRotatePolicy to True
set frequencyInDays to number of days auto-rotate schedule should execute.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"operationType" : "UPDATE_AUTO_ROTATE_POLICY",
"elements" : [ {
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceType" : "VCENTER",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ],
"autoRotatePolicy" : {
"frequencyInDays" : 30,
"enableAutoRotatePolicy" : true
}
}'
HTTP Request
PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 344
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"operationType" : "UPDATE_AUTO_ROTATE_POLICY",
"elements" : [ {
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceType" : "VCENTER",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ],
"autoRotatePolicy" : {
"frequencyInDays" : 30,
"enableAutoRotatePolicy" : true
}
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/tasks/b9b0732c-8c22-4b1d-ae54-96474b01489e
Content-Type: application/json
Content-Length: 119
{
"id" : "b9b0732c-8c22-4b1d-ae54-96474b01489e",
"name" : "UPDATE_AUTO_ROTATE_POLICY",
"status" : "IN_PROGRESS"
}
- Poll the status of the task using the task API with the ID from the response of the previous API.
Tip : Refer to: Get a Task or Get a Credentials Task.
- Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.
Tip : Refer to: Get a Task.
If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.
Tip : Refer to: Retry the Rotate Passwords Task.
14. Disable auto-rotate schedule for credentials
This API is used to disable configured schedule for auto-rotate of passwords for the list of selected credentials.
14.1. Prerequisites
The following data is required
Name or ID of the resource
Type of the resource
Credential type of the resource
Username of the resource
enableAutoRotatePolicy refers to property for enable/disable the auto-rotate schedule
Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.
14.2. Steps
Trigger the task using the valid input specification.
set enableAutoRotatePolicy to True
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"operationType" : "UPDATE_AUTO_ROTATE_POLICY",
"elements" : [ {
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceType" : "VCENTER",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ],
"autoRotatePolicy" : {
"enableAutoRotatePolicy" : false
}
}'
HTTP Request
PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 317
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"operationType" : "UPDATE_AUTO_ROTATE_POLICY",
"elements" : [ {
"resourceName" : "sfo01-m01-vc01.rainpole.io",
"resourceType" : "VCENTER",
"credentials" : [ {
"credentialType" : "SSH",
"username" : "root"
} ]
} ],
"autoRotatePolicy" : {
"enableAutoRotatePolicy" : false
}
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/tasks/af8744e6-407a-4633-a2bf-a3b602199ef3
Content-Type: application/json
Content-Length: 119
{
"id" : "af8744e6-407a-4633-a2bf-a3b602199ef3",
"name" : "UPDATE_AUTO_ROTATE_POLICY",
"status" : "IN_PROGRESS"
}
- Poll the status of the task using the task API with the ID from the response of the previous API.
Tip : Refer to: Get a Task. or Get a Credentials Task.
- Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.
Tip : Refer to: Get a Task.
If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.
Tip : Refer to: Retry the Rotate Passwords Task.
15. Fetch password expiration details
This API is used to get password expiration details for a list of credentials.
15.1. Prerequisites
The following data is required
- Type of the resource
The following data is optional
Domain name associated with the resource
Credential id of the resource
Tip : Refer to: Get the Credentials to get the credential id, domain name and type of the resource.
15.2. Steps
- Trigger the task using the valid input specification.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/expirations' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer etYWRta....' \
-d '{
"domainName" : "MGMT",
"resourceType" : "NSX_MANAGER",
"credentialIds" : [ "1f890832-3eb9-4f24-bfa2-f535a2bc7dcb", "4eba3ffd-e0ae-4cdf-95af-dbb1c48c24fc" ]
}'
HTTP Request
POST /v1/credentials/expirations HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 165
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
{
"domainName" : "MGMT",
"resourceType" : "NSX_MANAGER",
"credentialIds" : [ "1f890832-3eb9-4f24-bfa2-f535a2bc7dcb", "4eba3ffd-e0ae-4cdf-95af-dbb1c48c24fc" ]
}
HTTP Response
HTTP/1.1 202 Accepted
Location: /v1/credentials/expirations/70699cee-1ee9-418f-8dc6-1db1db3b0600
Content-Type: application/json
Content-Length: 79
{
"id" : "70699cee-1ee9-418f-8dc6-1db1db3b0600",
"status" : "IN_PROGRESS"
}
Poll the status of the task using the get expiration API with the ID from the response of the previous API. Continue polling until "status" is not "IN_PROGRESS".
If the "status" is "COMPLETED", the task is completed and expiration details of credentials can be obtained from the list elements in the response. If the expiration fetch fails for any credential, check the error response of that element in the response.
If the "status" is "FAILED", the task can be re-executed.
cURL Request
$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/expirations/70699cee-1ee9-418f-8dc6-1db1db3b0600' -i -X GET \
-H 'Authorization: Bearer etYWRta....'
HTTP Request
GET /v1/credentials/expirations/70699cee-1ee9-418f-8dc6-1db1db3b0600 HTTP/1.1
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 873
{
"id" : "70699cee-1ee9-418f-8dc6-1db1db3b0600",
"status" : "COMPLETED",
"elements" : [ {
"id" : "1f890832-3eb9-4f24-bfa2-f535a2bc7dcb",
"username" : "root",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
},
"expiry" : {
"expiryDate" : "2023-08-20T06:17:35.063Z",
"status" : "ACTIVE"
}
}, {
"id" : "4eba3ffd-e0ae-4cdf-95af-dbb1c48c24fc",
"username" : "admin",
"resource" : {
"resourceId" : "ee735959-34f6-4df3-b09d-99f80d7c2dcc",
"resourceName" : "sfo01-m01-nsx01.rainpole.io",
"resourceType" : "NSX_MANAGER",
"domainName" : "MGMT"
},
"expiry" : {
"expiryDate" : "2023-08-20T06:17:35.063Z",
"status" : "ACTIVE"
}
} ]
}
Last updated 2023-05-21 23:30:49 PDT