From 14ecf2107de3bfc728046a86420b6d613a708f87 Mon Sep 17 00:00:00 2001 From: William Lam Date: Sat, 15 Sep 2018 05:32:19 -0700 Subject: [PATCH 1/6] Initial Commit --- Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 | 88 +++++++++++++ Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 | 127 +++++++++++++++++++ 2 files changed, 215 insertions(+) create mode 100644 Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 create mode 100644 Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 new file mode 100644 index 0000000..0e68563 --- /dev/null +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 @@ -0,0 +1,88 @@ +# +# Module manifest for module 'VMware.VMC.NSXT' +# +# Generated by: wlam@vmware.com +# +# Generated on: 09/11/18 +# + +@{ + +# Script module or binary module file associated with this manifest. +RootModule = 'VMware.VMC.NSXT.psm1' + +# Version number of this module. +ModuleVersion = '1.0.0' + +# Supported PSEditions +# CompatiblePSEditions = @() + +# ID used to uniquely identify this module +GUID = 'c094608a-7480-4751-a14c-c9dd68870607' + +# Author of this module +Author = 'William Lam' + +# Company or vendor of this module +CompanyName = 'VMware' + +# Copyright statement for this module +Copyright = '(c) 2018 VMware. All rights reserved.' + +# Description of the functionality provided by this module +Description = 'PowerShell Module for Managing NSX-T on VMware Cloud on AWS' + +# Minimum version of the Windows PowerShell engine required by this module +PowerShellVersion = '6.0' + +# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. +FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment' +# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. +CmdletsToExport = @() + +# Variables to export from this module +VariablesToExport = '*' + +# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. +AliasesToExport = @() + +# DSC resources to export from this module +# DscResourcesToExport = @() + +# List of all modules packaged with this module +# ModuleList = @() + +# List of all files packaged with this module +# FileList = @() + +# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. +PrivateData = @{ + + PSData = @{ + + # Tags applied to this module. These help with module discovery in online galleries. + # Tags = @() + + # A URL to the license for this module. + # LicenseUri = '' + + # A URL to the main website for this project. + # ProjectUri = '' + + # A URL to an icon representing this module. + # IconUri = '' + + # ReleaseNotes of this module + # ReleaseNotes = '' + + } # End of PSData hashtable + +} # End of PrivateData hashtable + +# HelpInfo URI of this module +# HelpInfoURI = '' + +# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. +# DefaultCommandPrefix = '' + +} \ No newline at end of file diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 new file mode 100644 index 0000000..72f5ebc --- /dev/null +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 @@ -0,0 +1,127 @@ +Function Connect-NSXTProxy { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retrieves NSX-T Proxy URL + acquire CSP Access Token to then be used with NSXT-T Policy API + .DESCRIPTION + This cmdlet creates $global:nsxtProxyConnection object containing the NSX-T Proxy URL along with CSP Token + .EXAMPLE + Connect-NSXTProxy -RefreshToken $RefreshToken -OrgName $OrgName -SDDCName $SDDCName + .NOTES + You must be logged into VMC using Connect-VmcServer cmdlet +#> + Param ( + [Parameter(Mandatory=$true)][String]$RefreshToken, + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$SDDCName + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; exit } Else { + $sddcService = Get-VmcService "com.vmware.vmc.orgs.sddcs" + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + $sddc = $sddcService.get($orgId,$sddcId) + if($sddc.resource_config.nsxt) { + $nsxtProxyURL = $sddc.resource_config.nsx_api_public_endpoint_url + } else { + Write-Host -ForegroundColor Red "This is not an NSX-T based SDDC" + break + } + } + + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?refresh_token=$RefreshToken" -Method POST -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$RefreshToken"} + if($results.StatusCode -ne 200) { + Write-Host -ForegroundColor Red "Failed to retrieve Access Token, please ensure your VMC Refresh Token is valid and try again" + break + } + $accessToken = ($results | ConvertFrom-Json).access_token + + $headers = @{ + "csp-auth-token"="$accessToken" + "Content-Type"="application/json" + "Accept"="application/json" + } + $global:nsxtProxyConnection = new-object PSObject -Property @{ + 'Server' = $nsxtProxyURL + 'headers' = $headers + } + $global:nsxtProxyConnection +} + +Function Get-NSXTSegment { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Segments (Logical Networks) + .DESCRIPTION + This cmdlet retrieves all NSX-T Segments (Logical Networks) + .EXAMPLE + Get-NSXTSegment + .EXAMPLE + Get-NSXTSegment -Name "sddc-cgw-network-1" +#> + Param ( + [Parameter(Mandatory=$False)]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $segmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/networks/cgw/segments" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$segmentsURL`n" + } + + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $segmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $segmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + + if($requests.StatusCode -eq 200) { + $segments = ($requests.Content | ConvertFrom-Json).results + + if ($PSBoundParameters.ContainsKey("Name")){ + $segments = $segments | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($segment in $segments) { + + $subnets = $segment.subnets + $network = $subnets.network + $gateway = $subnets.gateway_addresses + $dhcpRange = $subnets.dhcp_ranges + + $tmp = [pscustomobject] @{ + Name = $segment.display_name; + ID = $segment.Id; + Network = $network; + Gateway = $gateway; + DHCPRange = $dhcpRange; + } + $results+=$tmp + } + $results + } else { + Write-Error "Failed to retrieve NSX-T Segments" + } + } +} \ No newline at end of file From 526f6a8ad902d99e334ccb869372d8475bf79f4c Mon Sep 17 00:00:00 2001 From: William Lam Date: Tue, 18 Sep 2018 14:47:36 -0700 Subject: [PATCH 2/6] Check $global:DefaultVMCServers.IsConnected during NSX-T Proxy Connect --- Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 index 72f5ebc..126cad5 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 @@ -24,7 +24,7 @@ Function Connect-NSXTProxy { [Parameter(Mandatory=$true)][String]$SDDCName ) - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; exit } Else { + If (-Not $global:DefaultVMCServers.IsConnected) { Write-error "No valid VMC Connection found, please use the Connect-VMC to connect"; break } Else { $sddcService = Get-VmcService "com.vmware.vmc.orgs.sddcs" $orgId = (Get-VMCOrg -Name $OrgName).Id $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id From 16b32f1b03dd96c96a7091d7cb104a2355f4272b Mon Sep 17 00:00:00 2001 From: William Lam Date: Wed, 19 Sep 2018 05:34:20 -0700 Subject: [PATCH 3/6] Additional NSX-T Policy API functions --- Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 | 2 +- Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 | 766 ++++++++++++++++++- 2 files changed, 762 insertions(+), 6 deletions(-) diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 index 0e68563..c7feb19 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 @@ -36,7 +36,7 @@ Description = 'PowerShell Module for Managing NSX-T on VMware Cloud on AWS' PowerShellVersion = '6.0' # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. -FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment' +FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService' # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. CmdletsToExport = @() diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 index 126cad5..09b6b4d 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 @@ -81,7 +81,7 @@ Function Get-NSXTSegment { [Switch]$Troubleshoot ) - If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { $method = "GET" $segmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/networks/cgw/segments" @@ -89,10 +89,15 @@ Function Get-NSXTSegment { Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$segmentsURL`n" } - if($PSVersionTable.PSEdition -eq "Core") { - $requests = Invoke-WebRequest -Uri $segmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck - } else { - $requests = Invoke-WebRequest -Uri $segmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $segmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $segmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break } if($requests.StatusCode -eq 200) { @@ -124,4 +129,755 @@ Function Get-NSXTSegment { Write-Error "Failed to retrieve NSX-T Segments" } } +} + +Function New-NSXTSegment { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Creates a new NSX-T Segment (Logical Networks) + .DESCRIPTION + This cmdlet creates a new NSX-T Segment (Logical Networks) + .EXAMPLE + New-NSXTSegment -Name "sddc-cgw-network-4" -Gateway "192.168.4.1" -Prefix "24" -DHCP -DHCPRange "192.168.4.2-192.168.4.254" +#> + Param ( + [Parameter(Mandatory=$True)]$Name, + [Parameter(Mandatory=$True)]$Gateway, + [Parameter(Mandatory=$True)]$Prefix, + [Parameter(Mandatory=$False)]$DHCPRange, + [Switch]$DHCP, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + if($DHCP) { + $dhcpConf = @($DHCPRange) + } else { + $dhcpConf = @($null) + } + + $subnets = @{ + gateway_addresses = @($gateway); + prefix_len = $Prefix; + dhcp_ranges = $dhcpConf + } + + $payload = @{ + display_name = $Name; + subnets = @($subnets) + } + $body = $payload | ConvertTo-Json -depth 4 + + $method = "PUT" + $newSegmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/networks/cgw/segments/$Name" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newSegmentsURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $newSegmentsURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $newSegmentsURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully created new NSX-T Segment $Name" + ($requests.Content | ConvertFrom-Json) | select display_name, id + } else { + Write-Error "Failed to create new NSX-T Segment" + + } + } +} + +Function Remove-NSXTSegment { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes an NSX-T Segment (Logical Networks) + .DESCRIPTION + This cmdlet removes an NSX-T Segment (Logical Networks) + .EXAMPLE + Remove-NSXTSegment -Id "sddc-cgw-network-4" +#> + Param ( + [Parameter(Mandatory=$True)]$Id, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "DELETE" + $deleteSegmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/networks/cgw/segments/$Id" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteSegmentsURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteSegmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteSegmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully removed NSX-T Segment $Name" + } else { + Write-Error "Failed to remove NSX-T Segments" + + } + } +} + +Function Get-NSXTFirewall { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Firewall Rules on MGW or CGW + .DESCRIPTION + This cmdlet retrieves all NSX-T Firewall Rules on MGW or CGW + .EXAMPLE + Get-NSXTFirewall -GatewayType MGW + .EXAMPLE + Get-NSXTFirewall -GatewayType MGW -Name "Test" +#> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $edgeFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/edge-communication-maps/default" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$edgeFirewallURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $edgeFirewallURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $edgeFirewallURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + $rules = ($requests.Content | ConvertFrom-Json).communication_entries + + if ($PSBoundParameters.ContainsKey("Name")){ + $rules = $rules | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($rule in $rules | Sort-Object -Property sequence_number) { + $sourceGroups = $rule.source_groups + $source = @() + foreach ($sourceGroup in $sourceGroups) { + if($sourceGroup -eq "ANY") { + $source += $sourceGroup + break + } else { + $sourceGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1" + $sourceGroup + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$sourceGroupURL`n" + } + try { + $requests = Invoke-WebRequest -Uri $sourceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + $group = ($requests.Content | ConvertFrom-Json) + $source += $group.display_name + } + } + + $destinationGroups = $rule.destination_groups + $destination = @() + foreach ($destinationGroup in $destinationGroups) { + if($destinationGroup -eq "ANY") { + $destination += $destinationGroup + break + } else { + $destionationGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1" + $destinationGroup + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$destionationGroupURL`n" + } + try { + $requests = Invoke-WebRequest -Uri $destionationGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + $group = ($requests.Content | ConvertFrom-Json) + $destination += $group.display_name + } + } + + $serviceGroups = $rule.services + $service = @() + foreach ($serviceGroup in $serviceGroups) { + if($serviceGroup -eq "ANY") { + $service += $serviceGroup + break + } else { + $serviceGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1" + $serviceGroup + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$serviceGroupURL`n" + } + try { + $requests = Invoke-WebRequest -Uri $serviceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + $group = ($requests.Content | ConvertFrom-Json) + $service += $group.display_name + } + } + + $tmp = [pscustomobject] @{ + SequenceNumber = $rule.sequence_number; + Name = $rule.display_name; + ID = $rule.id; + Source = $source; + Destination = $destination; + Services = $service; + Action = $rule.action; + } + $results+=$tmp + } + $results + + } else { + Write-Error "Failed to retrieve NSX-T Firewall Rules" + } + } +} + +Function New-NSXTFirewall { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Creates a new NSX-T Firewall Rule on MGW or CGW + .DESCRIPTION + This cmdlet creates a new NSX-T Firewall Rule on MGW or CGW + .EXAMPLE + New-NSXTFirewall -GatewayType MGW -Name TEST -Id TEST -SourceGroupId ESXI -DestinationGroupId ANY -Service ANY -Logged $true -SequenceNumber 7 -Action ALLOW +#> + Param ( + [Parameter(Mandatory=$True)]$Name, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Parameter(Mandatory=$True)]$Id, + [Parameter(Mandatory=$True)]$SequenceNumber, + [Parameter(Mandatory=$True)]$SourceGroupId, + [Parameter(Mandatory=$True)]$DestinationGroupId, + [Parameter(Mandatory=$True)]$Service, + [Parameter(Mandatory=$True)][ValidateSet("ALLOW","DENY")]$Action, + [Parameter(Mandatory=$false)][Boolean]$Logged=$false, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + + if($DestinationGroupId -eq "ANY") { + $destinationGroups = $DestinationGroupId + } else { + $destinationGroups = "/infra/domains/$($GatewayType.toLower())/groups/$DestinationGroupId" + } + + $sourceGroups = @() + foreach ($group in $SourceGroupId) { + $tmp = "/infra/domains/$($GatewayType.toLower())/groups/$group" + $sourceGroups+= $tmp + } + + $services = @() + foreach ($serviceName in $Service) { + if($serviceName -eq "ANY") { + $tmp = "ANY" + } else { + $tmp = "/infra/services/$serviceName" + } + $services+=$tmp + } + + $payload = @{ + display_name = $Name; + resource_type = "CommunicationEntry"; + id = $Id; + sequence_number = $SequenceNumber; + destination_groups = @($destinationGroups); + source_groups = $sourceGroups; + logged = $Logged; + scope = @("/infra/labels/$($GatewayType.toLower())"); + services = $services; + action = $Action; + } + + $body = $payload | ConvertTo-Json -depth 5 + + $method = "PUT" + $newFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/edge-communication-maps/default/communication-entries/$Id" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newFirewallURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $newFirewallURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $newFirewallURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully created new NSX-T Firewall Rule $Name" + ($requests.Content | ConvertFrom-Json) | select display_name, id + } else { + Write-Error "Failed to create new NSX-T Firewall Rule" + } + } +} + +Function Remove-NSXTFirewall { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes an NSX-T Firewall Rule on MGW or CGW + .DESCRIPTION + This cmdlet removes an NSX-T Firewall Rule on MGW or CGW + .EXAMPLE + Remove-NSXTFirewall -Id TEST -GatewayType MGW -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$True)]$Id, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "DELETE" + $deleteGgroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/edge-communication-maps/default/communication-entries/$Id" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteGgroupURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteGgroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteGgroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully removed NSX-T Firewall Rule $Name" + } else { + Write-Error "Failed to create new NSX-T Firewall Rule" + } + } +} + +Function Get-NSXTGroup { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Groups for MGW or CGW + .DESCRIPTION + This cmdlet retrieves all NSX-T Groups for MGW or CGW + .EXAMPLE + Get-NSXTGroup -GatewayType MGW + .EXAMPLE + Get-NSXTGroup -GatewayType MGW -Name "Test" +#> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $edgeFirewallGroupsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/groups" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$edgeFirewallGroupsURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $edgeFirewallGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $edgeFirewallGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + $groups = ($requests.Content | ConvertFrom-Json).results + + if ($PSBoundParameters.ContainsKey("Name")){ + $groups = $groups | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($group in $groups) { + if($group.tags.tag -eq $null) { + $groupType = "USER_DEFINED" + } else { $groupType = $group.tags.tag } + + $members = @() + foreach ($member in $group.expression) { + $members += $member.ip_addresses + } + + $tmp = [pscustomobject] @{ + Name = $group.display_name; + ID = $group.id; + Type = $groupType; + Members = $members; + } + $results+=$tmp + } + $results + } else { + Write-Error "Failed to retrieve NSX-T Groups" + } + } +} + +Function New-NSXTGroup { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Creates a new NSX-T Group on MGW or CGW + .DESCRIPTION + This cmdlet creates a new NSX-T Firewall Rule on MGW or CGW + .EXAMPLE + New-NSXTGroup -GatewayType MGW -Name Foo -IPAddress @("172.31.0.0/24") +#> + Param ( + [Parameter(Mandatory=$True)]$Name, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Parameter(Mandatory=$True)][String[]]$IPAddress, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $expression = @{ + resource_type = "IPAddressExpression"; + ip_addresses = $IPAddress; + } + + $payload = @{ + display_name = $Name; + expression = @($expression); + } + $body = $payload | ConvertTo-Json -depth 5 + + $method = "PUT" + $newGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/groups/$Name" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newGroupURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $newGroupURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $newGroupURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully created new NSX-T Group $Name" + ($requests.Content | ConvertFrom-Json) | select display_name, id + } else { + Write-Error "Failed to create new NSX-T Group" + } + } +} + +Function Remove-NSXTGROUP { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes an NSX-T Group + .DESCRIPTION + This cmdlet removes an NSX-T Group + .EXAMPLE + Remove-NSXTGROUP -Id Foo -GatewayType MGW -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$True)]$Id, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "DELETE" + $deleteGgroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/groups/$Id" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteGgroupURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteGgroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteGgroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully removed NSX-T Group $Name" + } else { + Write-Error "Failed to create new NSX-T Group" + } + } +} + +Function Get-NSXTService { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Services + .DESCRIPTION + This cmdlet retrieves all NSX-T Services + .EXAMPLE + Get-NSXTService + .EXAMPLE + Get-NSXTService -Name "WINS" +#> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $serviceGroupsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/services" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$serviceGroupsURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $serviceGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $serviceGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + $services = ($requests.Content | ConvertFrom-Json).results + + if ($PSBoundParameters.ContainsKey("Name")){ + $services = $services | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($service in $services | Sort-Object -Propert display_name) { + $serviceEntry = $service.service_entries + $serviceProtocol = $serviceEntry.l4_protocol + $serviceSourcePorts = $serviceEntry.source_ports + $serviceDestinationPorts = $serviceEntry.destination_ports + + $tmp = [pscustomobject] @{ + Name = $service.display_name; + Id = $service.id; + Protocol = $serviceProtocol; + Source = $serviceSourcePorts; + Destination = $serviceDestinationPorts; + } + $results += $tmp + } + $results + } else { + Write-Error "Failed to retrieve NSX-T Services" + } + } +} + +Function New-NSXTService { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/11/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Creates a new NSX-T Service + .DESCRIPTION + This cmdlet creates a new NSX-T Service + .EXAMPLE + New-NSXTService -Name "MyHTTP2" -Protocol TCP -DestinationPorts @("8080","8081") +#> + Param ( + [Parameter(Mandatory=$True)]$Name, + [Parameter(Mandatory=$True)][String[]]$DestinationPorts, + [Parameter(Mandatory=$True)][ValidateSet("TCP","UDP")][String]$Protocol, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $serviceEntry = @() + $entry = @{ + display_name = $name + "-$destinationPort" + resource_type = "L4PortSetServiceEntry"; + destination_ports = @($DestinationPorts); + l4_protocol = $Protocol; + } + $serviceEntry+=$entry + + $payload = @{ + display_name = $Name; + service_entries = $serviceEntry; + } + $body = $payload | ConvertTo-Json -depth 5 + + $method = "PUT" + $newServiceURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/services/$Name" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newServiceURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $newServiceURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $newServiceURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully created new NSX-T Service $Name" + ($requests.Content | ConvertFrom-Json) | select display_name, id + } else { + Write-Error "Failed to create new NSX-T Service" + } + } } \ No newline at end of file From 691709dd40d1f8b0c33bd78adcd6d6d9618f7732 Mon Sep 17 00:00:00 2001 From: William Lam Date: Wed, 19 Sep 2018 05:34:54 -0700 Subject: [PATCH 4/6] Initial commit for HCX PowerShell Module --- Modules/VMware.HCX/VMware.HCX.psd1 | 88 +++++++++++++++ Modules/VMware.HCX/VMware.HCX.psm1 | 176 +++++++++++++++++++++++++++++ 2 files changed, 264 insertions(+) create mode 100644 Modules/VMware.HCX/VMware.HCX.psd1 create mode 100644 Modules/VMware.HCX/VMware.HCX.psm1 diff --git a/Modules/VMware.HCX/VMware.HCX.psd1 b/Modules/VMware.HCX/VMware.HCX.psd1 new file mode 100644 index 0000000..de1f200 --- /dev/null +++ b/Modules/VMware.HCX/VMware.HCX.psd1 @@ -0,0 +1,88 @@ +# +# Module manifest for module 'VMware.HCX' +# +# Generated by: wlam@vmware.com +# +# Generated on: 09/11/18 +# + +@{ + +# Script module or binary module file associated with this manifest. +RootModule = 'VMware.HCX.psm1' + +# Version number of this module. +ModuleVersion = '1.0.0' + +# Supported PSEditions +# CompatiblePSEditions = @() + +# ID used to uniquely identify this module +GUID = '88898ed6-26e8-4dfa-a9de-10d3a12571de' + +# Author of this module +Author = 'William Lam' + +# Company or vendor of this module +CompanyName = 'VMware' + +# Copyright statement for this module +Copyright = '(c) 2018 VMware. All rights reserved.' + +# Description of the functionality provided by this module +Description = 'PowerShell Module for Managing Hybrid Cloud Extension (HCX) on VMware Cloud on AWS' + +# Minimum version of the Windows PowerShell engine required by this module +PowerShellVersion = '6.0' + +# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. +FunctionsToExport = 'Connect-HcxServer', 'Get-HcxCloudConfig', 'Connect-HcxVAMI', 'Get-HcxVAMIVCConfig' +# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. +CmdletsToExport = @() + +# Variables to export from this module +VariablesToExport = '*' + +# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. +AliasesToExport = @() + +# DSC resources to export from this module +# DscResourcesToExport = @() + +# List of all modules packaged with this module +# ModuleList = @() + +# List of all files packaged with this module +# FileList = @() + +# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. +PrivateData = @{ + + PSData = @{ + + # Tags applied to this module. These help with module discovery in online galleries. + # Tags = @() + + # A URL to the license for this module. + # LicenseUri = '' + + # A URL to the main website for this project. + # ProjectUri = '' + + # A URL to an icon representing this module. + # IconUri = '' + + # ReleaseNotes of this module + # ReleaseNotes = '' + + } # End of PSData hashtable + +} # End of PrivateData hashtable + +# HelpInfo URI of this module +# HelpInfoURI = '' + +# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. +# DefaultCommandPrefix = '' + +} \ No newline at end of file diff --git a/Modules/VMware.HCX/VMware.HCX.psm1 b/Modules/VMware.HCX/VMware.HCX.psm1 new file mode 100644 index 0000000..222f8d1 --- /dev/null +++ b/Modules/VMware.HCX/VMware.HCX.psm1 @@ -0,0 +1,176 @@ +Function Connect-HcxServer { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/16/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Connect to the HCX Enterprise Manager + .DESCRIPTION + This cmdlet connects to the HCX Enterprise Manager + .EXAMPLE + Connect-HcxServer -Server $HCXServer -Username $Username -Password $Password +#> + Param ( + [Parameter(Mandatory=$true)][String]$Server, + [Parameter(Mandatory=$true)][String]$Username, + [Parameter(Mandatory=$true)][String]$Password + ) + + $payload = @{ + "username" = $Username + "password" = $Password + } + $body = $payload | ConvertTo-Json + + $hcxLoginUrl = "https://$Server/hybridity/api/sessions" + + if($PSVersionTable.PSEdition -eq "Core") { + $results = Invoke-WebRequest -Uri $hcxLoginUrl -Body $body -Method POST -UseBasicParsing -ContentType "application/json" -SkipCertificateCheck + } else { + $results = Invoke-WebRequest -Uri $hcxLoginUrl -Body $body -Method POST -UseBasicParsing -ContentType "application/json" + } + + if($results.StatusCode -eq 200) { + $hcxAuthToken = $results.Headers.'x-hm-authorization' + + $headers = @{ + "x-hm-authorization"="$hcxAuthToken" + "Content-Type"="application/json" + "Accept"="application/json" + } + + $global:hcxConnection = new-object PSObject -Property @{ + 'Server' = "https://$server/hybridity/api"; + 'headers' = $headers + } + $global:hcxConnection + } else { + Write-Error "Failed to connect to HCX Manager, please verify your vSphere SSO credentials" + } +} + +Function Get-HcxCloudConfig { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/16/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns the Cloud HCX information that is registerd with HCX Manager + .DESCRIPTION + This cmdlet returns the Cloud HCX information that is registerd with HCX Manager + .EXAMPLE + Get-HcxCloudConfig +#> + If (-Not $global:hcxConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxServer " } Else { + $cloudConfigUrl = $global:hcxConnection.Server + "/cloudConfigs" + + if($PSVersionTable.PSEdition -eq "Core") { + $cloudvcRequests = Invoke-WebRequest -Uri $cloudConfigUrl -Method GET -Headers $global:hcxConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $cloudvcRequests = Invoke-WebRequest -Uri $cloudConfigUrl -Method GET -Headers $global:hcxConnection.headers -UseBasicParsing + } + + $cloudvcData = ($cloudvcRequests.content | ConvertFrom-Json).data.items + + $tmp = [pscustomobject] @{ + Name = $cloudvcData.cloudName; + Version = $cloudvcData.version; + Build = $cloudvcData.buildNumber; + HCXUUID = $cloudvcData.endpointId; + } + $tmp + } +} + +Function Connect-HcxVAMI { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/16/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Connect to the HCX Enterprise Manager VAMI + .DESCRIPTION + This cmdlet connects to the HCX Enterprise Manager VAMI + .EXAMPLE + Connect-HcxVAMI -Server $HCXServer -Username $VAMIUsername -Password $VAMIPassword +#> + Param ( + [Parameter(Mandatory=$true)][String]$Server, + [Parameter(Mandatory=$true)][String]$Username, + [Parameter(Mandatory=$true)][String]$Password + ) + + $pair = "${Username}:${Password}" + $bytes = [System.Text.Encoding]::ASCII.GetBytes($pair) + $base64 = [System.Convert]::ToBase64String($bytes) + $basicAuthValue = "Basic $base64" + + $headers = @{ + "authorization"="$basicAuthValue" + "Content-Type"="application/json" + "Accept"="application/json" + } + + $global:hcxVAMIConnection = new-object PSObject -Property @{ + 'Server' = "https://${server}:9443"; + 'headers' = $headers + } + $global:hcxVAMIConnection +} + +Function Get-HcxVAMIVCConfig { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/16/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns the onPrem vCenter Server registered with HCX Manager + .DESCRIPTION + This cmdlet returns the onPrem vCenter Server registered with HCX Manager + .EXAMPLE + Get-HcxVAMIVCConfig +#> + If (-Not $global:hcxVAMIConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { + $vcConfigUrl = $global:hcxVAMIConnection.Server + "/api/admin/global/config/vcenter" + + if($PSVersionTable.PSEdition -eq "Core") { + $vcRequests = Invoke-WebRequest -Uri $vcConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $vcRequests = Invoke-WebRequest -Uri $vcConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing + } + $vcData = ($vcRequests.content | ConvertFrom-Json).data.items + + $tmp = [pscustomobject] @{ + Name = $vcData.config.name; + Version = $vcData.config.version; + Build = $vcData.config.buildNumber; + UUID = $vcData.config.vcuuid; + HCXUUID = $vcData.config.uuid; + } + $tmp + } +} \ No newline at end of file From a1c3c01f05f59ebf33f02fa20e9f6b23bdd49247 Mon Sep 17 00:00:00 2001 From: William Lam Date: Thu, 20 Sep 2018 04:56:43 -0700 Subject: [PATCH 5/6] Added NSX-T Policy Firewall cmdlets --- Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 index c7feb19..9eca367 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 @@ -36,7 +36,7 @@ Description = 'PowerShell Module for Managing NSX-T on VMware Cloud on AWS' PowerShellVersion = '6.0' # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. -FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService' +FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService', 'Get-NSXTFirewall', 'New-NSXTFirewall', 'Remove-NSXTFirewall' # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. CmdletsToExport = @() From 8402e6999384464c94b3fefa4ff1c5ca6f1d8243 Mon Sep 17 00:00:00 2001 From: William Lam Date: Thu, 20 Sep 2018 05:04:18 -0700 Subject: [PATCH 6/6] Fixed caps --- Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 index 09b6b4d..b87d788 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 @@ -688,7 +688,7 @@ Function New-NSXTGroup { } } -Function Remove-NSXTGROUP { +Function Remove-NSXTGroup { <# .NOTES =========================================================================== @@ -704,7 +704,7 @@ Function Remove-NSXTGROUP { .DESCRIPTION This cmdlet removes an NSX-T Group .EXAMPLE - Remove-NSXTGROUP -Id Foo -GatewayType MGW -Troubleshoot + Remove-NSXTGroup -Id Foo -GatewayType MGW -Troubleshoot #> Param ( [Parameter(Mandatory=$True)]$Id,