diff --git a/Modules/VMware.CSP/VMware.CSP.psm1 b/Modules/VMware.CSP/VMware.CSP.psm1 index b4b4515..0562950 100644 --- a/Modules/VMware.CSP/VMware.CSP.psm1 +++ b/Modules/VMware.CSP/VMware.CSP.psm1 @@ -21,7 +21,8 @@ [Parameter(Mandatory=$true)][String]$RefreshToken ) - $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?refresh_token=$RefreshToken" -Method POST -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$RefreshToken"} + $body = "refresh_token=$RefreshToken" + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize" -Method POST -ContentType "application/x-www-form-urlencoded" -UseBasicParsing -Body $body if($results.StatusCode -ne 200) { Write-Host -ForegroundColor Red "Failed to retrieve Access Token, please ensure your VMC Refresh Token is valid and try again" break 
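Review bot: The new `$body = "refresh_token=$RefreshToken"` line builds the form body by string interpolation, so the token is sent without URL-encoding and any `+`, `&`, `=` or `%` in its value would be misread by the server. Whether CSP refresh tokens can contain such characters is not visible here. Passing a hashtable lets Invoke-WebRequest do the form-encoding itself: `$body = @{refresh_token = $RefreshToken}`. Keeping the token out of the query string is the right direction, since URLs tend to end up in proxy and access logs. The function this hunk edits starts and ends outside the hunk.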
@@ -51,4 +52,43 @@ Function Get-CSPServices { $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/slc/api/definitions?expand=1" -Method GET -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$env:cspAuthToken"} ((($results.Content) | ConvertFrom-Json).results | where {$_.visible -eq $true}).displayName } -} \ No newline at end of file +} + +Function Get-CSPRefreshTokenExpiry { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/10/2019 + Organization: VMware + Blog: https://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .DESCRIPTION + Retrieve the expiry for a given CSP Refresh Token + .PARAMETER RefreshToken + Retrieve the expiry for a given CSP Refresh Token + .EXAMPLE + Get-CSPRefreshTokenExpiry -RefreshToken $RefreshToken + #> + Param ( + [Parameter(Mandatory=$true)][String]$RefreshToken + ) + + $body = @{"tokenValue"="$RefreshToken"} + $json = $body | ConvertTo-Json + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/details" -Method POST -ContentType "application/json" -UseBasicParsing -Body $json + $tokenDetails = (($results.Content) | ConvertFrom-Json) + + $createDate = (Get-Date -Date "01/01/1970").AddMilliseconds($tokenDetails.createdAt).ToLocalTime() + $usedDate = (Get-Date -Date "01/01/1970").AddMilliseconds($tokenDetails.lastUsedAt).ToLocalTime() + $expiryDate = (Get-Date -Date "01/01/1970").AddMilliseconds($tokenDetails.expiresAt).ToLocalTime() + + $tmp = [pscustomobject] @{ + LastUsedDate = $usedDate; + CreatedDate = $createDate; + ExpiryDate = $expiryDate; + } + $tmp | Format-List +} diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 index ef45018..b74bad7 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 
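Review bot: Get-CSPRefreshTokenExpiry runs the epoch arithmetic without checking the response, so when the details call fails or returns no `expiresAt`, the three `AddMilliseconds` calls presumably receive `$null` and the function prints dates at or near 1 January 1970 instead of an error. A guard before the date math would surface that: `if (-not $tokenDetails.expiresAt) { Write-Error "Unable to retrieve token details"; return }`. The final `$tmp | Format-List` emits formatting records rather than the object, so a script cannot compare `ExpiryDate` against a threshold to warn before a token lapses; returning `$tmp` fixes that. The `.PARAMETER RefreshToken` help repeats the description and could instead read `The CSP Refresh Token to inspect`.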
+++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 @@ -36,7 +36,7 @@ Description = 'PowerShell Module for Managing NSX-T on VMware Cloud on AWS' PowerShellVersion = '6.0' # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. -FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService', 'Get-NSXTFirewall', 'New-NSXTFirewall', 'Remove-NSXTFirewall', 'Get-NSXTDistFirewallSection', 'Get-NSXTDistFirewall', 'New-NSXTDistFirewall', 'Remove-NSXTDistFirewall' +FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService', 'Get-NSXTFirewall', 'New-NSXTFirewall', 'Remove-NSXTFirewall', 'Get-NSXTDistFirewallSection', 'Get-NSXTDistFirewall', 'New-NSXTDistFirewall', 'Remove-NSXTDistFirewall', 'Get-NSXTRouteTable', 'Get-NSXTOverviewInfo' # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. CmdletsToExport = @() diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 index 72bc1e3..d120086 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 @@ -476,7 +476,7 @@ Function New-NSXTFirewall { $services = @() foreach ($serviceName in $Service) { - if($group -eq "ANY") { + if($serviceName -eq "ANY") { $services = @("ANY") } else { $tmp = "/infra/services/$serviceName" 
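Review bot: With the corrected `$serviceName -eq "ANY"` test, a `-Service` list that mixes "ANY" with named services keeps looping after the match. Later entries are presumably appended to `@("ANY")` by the else branch, whose remainder is outside the hunk. For a firewall rule the resulting service list decides how wide the rule is, so the outcome should be explicit: add `break` after `$services = @("ANY")`, or reject mixed input before the loop. The `foreach` and the rest of New-NSXTFirewall continue outside this hunk.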
@@ -1361,4 +1361,138 @@ Function Remove-NSXTDistFirewall { Write-Host "Succesfully removed NSX-T Distributed Firewall Rule" } } +} + +Function Get-NSXTRouteTable { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 02/02/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retrieves NSX-T Routing Table + .DESCRIPTION + This cmdlet retrieves NSX-T Routing Table. By default, it shows all routes but you can filter by BGP, CONNECTED or STATIC routes + .EXAMPLE + Get-NSXTRouteTable + .EXAMPLE + Get-NSXTRouteTable -RouteSource BGP + .EXAMPLE + Get-NSXTRouteTable -RouteSource CONNECTED + .EXAMPLE + Get-NSXTRouteTable -RouteSource STATIC + .EXAMPLE + Get-NSXTRouteTable -RouteSource BGP -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$False)][ValidateSet("BGP","CONNECTED","STATIC")]$RouteSource, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $routeTableURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/routing-table?enforcement_point_path=/infra/deployment-zones/default/enforcement-points/vmc-enforcementpoint" + + if($RouteSource) { + $routeTableURL = $routeTableURL + "&route_source=$RouteSource" + } + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$routeTableURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $routeTableURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $routeTableURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red 
"`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Routing Table" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully retrieved NSX-T Routing Table`n" + $routeTables = ($requests.Content | ConvertFrom-Json).results + + foreach ($routeTable in $routeTables) { + Write-Host "EdgeNode: $($routeTable.edge_node)" + Write-Host "Entries: $($routeTable.count)" + + $routeEntries = $routeTable.route_entries + $routeEntryResults = @() + foreach ($routeEntry in $routeEntries) { + $routeEntryResults += $routeEntry + } + $routeEntryResults | select network,next_hop,admin_distance,route_type | ft + } + } + } +} + +Function Get-NSXTOverviewInfo { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 02/02/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retrieves NSX-T Overview including the VPN internet IP Address and SDDC Infra/Mgmt Subnets, etc. + .DESCRIPTION + This cmdlet retrieves NSX-T Overview details including the VPN internet IP Address and SDDC Infra/Mgmt Subnets, etc. 
+ .EXAMPLE + Get-NSXTOverviewInfo +#> +Param ( + [Parameter(Mandatory=$False)][ValidateSet("BGP","CONNECTED","STATIC")]$RouteSource, + [Switch]$Troubleshoot +) + +If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $overviewURL = $global:nsxtProxyConnection.Server + "/cloud-service/api/v1/infra/sddc-user-config" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$overviewURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $overviewURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $overviewURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Overview Information" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Succesfully retrieved NSX-T Overview Information" + ($requests.Content | ConvertFrom-Json) + } +} } \ No newline at end of file diff --git a/Modules/VMware.VMC/VMware.VMC.psm1 b/Modules/VMware.VMC/VMware.VMC.psm1 index de3d1ab..33f78a7 100644 --- a/Modules/VMware.VMC/VMware.VMC.psm1 +++ b/Modules/VMware.VMC/VMware.VMC.psm1 
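Review bot: Both new functions pass `-SkipCertificateCheck` on PowerShell Core, so the request carrying `$global:nsxtProxyConnection.headers` goes out without validating the server's TLS certificate, while the Windows PowerShell branch validates it. Unless the proxy endpoint is known to present an untrusted certificate, use the validating call on both editions, `$requests = Invoke-WebRequest -Uri $routeTableURL -Method $method -Headers $global:nsxtProxyConnection.headers` (and the same with `$overviewURL`). If skipping has to stay, make it an explicit opt-in switch on the function. In both catch blocks the `($_.Exception.Message)` inside the Write-Error string expands only `$_`, leaving a literal `.Exception.Message)` in the output; it should be `$($_.Exception.Message)`. Get-NSXTOverviewInfo also declares a `$RouteSource` parameter that it never uses.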
@@ -1,1308 +1,1427 @@ -Function Get-VMCCommand { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns all cmdlets for VMware Cloud on AWS - .DESCRIPTION - This cmdlet will allow you to return all cmdlets included in the VMC module - .EXAMPLE - Get-VMCCommand - .EXAMPLE - Get-Command -Module VMware.VMC - .NOTES - You can either use this cmdlet or the Get-Command cmdlet as seen in Example 2 -#> - Get-command -Module VMware.VimAutomation.Vmc - Get-Command -Module VMware.VMC - -} -Function Connect-VMCVIServer { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Cmdlet to connect to your VMC vCenter Server - .DESCRIPTION - This will connect you to both the VMC ViServer as well as the CiSServer at the same time. 
- .EXAMPLE - Connect-VMCVIServer -Server -User -Password - .NOTES - Easiest way is to pipe through your credentials from Get-VMCSDDCDefaultCredential -#> - Param ( - [Parameter(Mandatory=$true)]$Org, - [Parameter(Mandatory=$true)]$Sddc, - [switch]$Autologin - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - $creds = Get-VMCSDDCDefaultCredential -Org $Org -Sddc $Sddc - Write-Host "Connecting to VMC vCenter Server" $creds.vc_public_ip - Connect-VIServer -Server $creds.vc_public_ip -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC" - Write-Host "Connecting to VMC CIS Endpoint" $creds.vc_public_ip - Connect-CisServer -Server $creds.vc_public_ip -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC" - } -} -Function Get-VMCOrg { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Return the Orgs that you are a part of - .DESCRIPTION - Depending on what you've purchased, you may be a part of one or more VMC Orgs. 
This will return your orgs - .EXAMPLE - Get-VMCOrg - .EXAMPLE - Get-VMCOrg -Name - .NOTES - Return all the info about the orgs you are a part of -#> - Param ( - [Parameter(Mandatory=$false)]$Name - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use Connect-VMC to connect" } Else { - $orgService = Get-VMCService com.vmware.vmc.orgs - if ($PSBoundParameters.ContainsKey("Name")){ - $orgs = $orgService.list() | Where {$_.display_name -match $Name} - } Else { - $orgs = $orgService.list() - } - $Orgs | Select display_name, name, user_name, created, id - } -} -Function Get-VMCSDDC { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns all of the SDDCs you are associated to - .DESCRIPTION - Returns all of the SDDCs ayou are associated to - .EXAMPLE - Get-VMCSDDC -Org - .EXAMPLE - Get-VMCSDDC -Name -Org -#> - Param ( - [Parameter(Mandatory=$True)]$Org, - [Parameter(Mandatory=$false)]$Name - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Org")){ - $orgs = Get-VMCOrg -Name $Org - } else { - $orgs = Get-VMCOrg - } - - foreach ($org in $orgs) { - $orgID = $org.ID - $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs - if ($PSBoundParameters.ContainsKey("Name")){ - $sddcService.list($OrgID) | Where {$_.name -match $Name} - } Else { - $sddcService.list($OrgID) - } - } - } -} -Function Get-VMCTask { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - 
=========================================================================== - - .SYNOPSIS - Returns all of the VMC Tasks - .DESCRIPTION - Returns all of the VMC Tasks that have either occurred or are in process - .EXAMPLE - Get-VMCTask -#> - Param ( - [Parameter(Mandatory=$True)]$Org - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Org")){ - $orgs = Get-VMCOrg -Name $Org - } else { - $orgs = Get-VMCOrg - } - - foreach ($org in $orgs) { - $orgID = $org.ID - $taskService = Get-VMCService com.vmware.vmc.orgs.tasks - $taskService.list($OrgID) | Select * -ExcludeProperty Help - } - } -} -Function Get-VMCSDDCDefaultCredential { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns the default credential for the SDDC - .DESCRIPTION - Returns the default credential for the sddc - .EXAMPLE - Get-VMCSDDCDefaultCredential -Org - .EXAMPLE - Get-VMCSDDCDefaultCredential -Sddc -Org -#> - Param ( - [Parameter(Mandatory=$true)]$Org, - [Parameter(Mandatory=$false)]$Sddc - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Sddc")){ - $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org - } else { - $sddcs = Get-VMCSDDC -Org $Org - } - - foreach ($sddc in $sddcs) { - $sddc.resource_config | Select-object vc_url, vc_management_ip, vc_public_ip, cloud_username, cloud_password - } - } -} -Function Get-VMCSDDCPublicIP { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli 
- Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns your Public IPs - .DESCRIPTION - Returns your Public IPs - .EXAMPLE - Get-VMCSDDCPublicIP -Org - .EXAMPLE - Get-VMCSDDCPublicIP -Sddc -Org - .NOTES - Return your Public IPs that you have assigned to your account -#> - Param ( - [Parameter(Mandatory=$true)]$Org, - [Parameter(Mandatory=$false)]$Sddc - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Sddc")){ - $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org - } else { - $sddcs = Get-VMCSDDC -Org $Org - } - - foreach ($sddc in $sddcs) { - $sddc.resource_config.Public_ip_pool - } - } -} -Function Get-VMCVMHost { - Param ( - [Parameter(Mandatory=$false)]$Sddc, - [Parameter(Mandatory=$true)]$Org - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Sddc")){ - $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org - } else { - $sddcs = Get-VMCSDDC -Org $Org - } - - $results = @() - foreach ($sddc in $sddcs) { - foreach ($vmhost in $sddc.resource_config.esx_hosts) { - $tmp = [pscustomobject] @{ - esx_id = $vmhost.esx_id; - name = $vmhost.name; - hostname = $vmhost.hostname; - esx_state = $vmhost.esx_state; - sddc_id = $sddc.id; - org_id = $sddc.org_id; - } - $results += $tmp - } - $results - } - } -} -Function Get-VMCSDDCVersion { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns SDDC Version - .DESCRIPTION - Returns Version of the SDDC - .EXAMPLE - Get-VMCSDDCVersion -Name -Org -#> - Param ( - [Parameter(Mandatory=$True)]$Org, 
- [Parameter(Mandatory=$false)]$Name - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Org")){ - $orgs = Get-VMCOrg -Name $Org - } else { - $orgs = Get-VMCOrg - } - - foreach ($org in $orgs) { - $orgID = $org.ID - $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs - if ($PSBoundParameters.ContainsKey("Name")){ - ($sddcService.list($OrgID) | Where {$_.name -match $Name}).resource_config.sddc_manifest | Select *version - } Else { - ($sddcService.list($OrgID)).resource_config.sddc_manifest | Select *version - } - } - } -} -Function Get-VMCFirewallRule { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Retruns VMC Firewall Rules for a given Gateway (MGW or CGW) - .DESCRIPTION - Retruns VMC Firewall Rules for a given Gateway (MGW or CGW) - .EXAMPLE - Get-VMCFirewallRule -OrgName -SDDCName -GatewayType - .EXAMPLE - Get-VMCFirewallRule -OrgName -SDDCName -GatewayType -ShowAll - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$false)][Switch]$ShowAll, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType - ) - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config - - $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules - if(-not $ShowAll) { - $firewallRules = $firewallRules | where { $_.rule_type -ne 
"default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag - } else { - $firewallRules = $firewallRules | Sort-Object -Property rule_tag - } - - $results = @() - foreach ($firewallRule in $firewallRules) { - if($firewallRule.source.ip_address.Count -ne 0) { - $source = $firewallRule.source.ip_address - } else { $source = "ANY" } - - if($firewallRule.application.service.protocol -ne $null) { - $protocol = $firewallRule.application.service.protocol - } else { $protocol = "ANY" } - - if($firewallRule.application.service.port -ne $null) { - $port = $firewallRule.application.service.port - } else { $port = "ANY" } - - $tmp = [pscustomobject] @{ - ID = $firewallRule.rule_id; - Name = $firewallRule.name; - Type = $firewallRule.rule_type; - Action = $firewallRule.action; - Protocol = $protocol; - Port = $port; - SourceAddress = $source - DestinationAddress = $firewallRule.destination.ip_address; - } - $results+=$tmp - } - $results - } -Function Export-VMCFirewallRule { -<# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Exports all "customer" created VMC Firewall Rules to JSON file - .DESCRIPTION - Exports all "customer" created VMC Firewall Rules to JSON file - .EXAMPLE - Export-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json" - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$false)][String]$Path - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC 
to connect"; break } - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config - - $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules - if(-not $ShowAll) { - $firewallRules = $firewallRules | where { $_.rule_type -ne "default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag - } else { - $firewallRules = $firewallRules | Sort-Object -Property rule_tag - } - - $results = @() - $count = 0 - foreach ($firewallRule in $firewallRules) { - if($firewallRule.source.ip_address.Count -ne 0) { - $source = $firewallRule.source.ip_address - } else { - $source = "ANY" - } - - $tmp = [pscustomobject] @{ - Name = $firewallRule.name; - Action = $firewallRule.action; - Protocol = $firewallRule.application.service.protocol; - Port = $firewallRule.application.service.port; - SourcePort = $firewallRule.application.service.source_port; - ICMPType = $firewallRule.application.service.icmp_type; - SourceAddress = $firewallRule.source.ip_address; - DestinationAddress = $firewallRule.destination.ip_address; - Enabled = $firewallRule.enabled; - Logging = $firewallRule.logging_enabled; - } - $count+=1 - $results+=$tmp - } - if($Path) { - Write-Host -ForegroundColor Green "Exporting $count VMC Firewall Rules to $Path ..." 
- $results | ConvertTo-Json | Out-File $Path - } else { - $results | ConvertTo-Json - } -} -Function Import-VMCFirewallRule { -<# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Imports VMC Firewall Rules from exported JSON configuration file - .DESCRIPTION - Imports VMC Firewall Rules from exported JSON configuration file - .EXAMPLE - Import-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json" - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$false)][String]$Path - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules - - $vmcFirewallRulesJSON = Get-Content -Raw $Path | ConvertFrom-Json - - # Create top level Firewall Rules Object - $firewallRules = $firewallService.Help.add.firewall_rules.Create() - # Create top top level Firewall Rule Spec which will be an array of individual Firewall rules as we process them in next section - $ruleSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Create() - 
- foreach ($vmcFirewallRule in $vmcFirewallRulesJSON) { - # Create Individual Firewall Rule Element Spec - $ruleElementSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.Create() - - # AppSpec - $appSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.Create() - # ServiceSpec - $serviceSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.service.Element.Create() - - $protocol = $null - if($vmcFirewallRule.Protocol -ne $null) { - $protocol = $vmcFirewallRule.Protocol - } - $serviceSpec.protocol = $protocol - - # Process ICMP Type from JSON - $icmpType = $null - if($vmcFirewallRule.ICMPType -ne $null) { - $icmpType = $vmcFirewallRule.ICMPType - } - $serviceSpec.icmp_type = $icmpType - - # Process Source Ports from JSON - $sourcePorts = @() - if($vmcFirewallRule.SourcePort -eq "any" -or $vmcFirewallRule.SourcePort -ne $null) { - foreach ($port in $vmcFirewallRule.SourcePort) { - $sourcePorts+=$port - } - } else { - $sourcePorts = @("any") - } - $serviceSpec.source_port = $sourcePorts - - # Process Ports from JSON - $ports = @() - if($vmcFirewallRule.Port -ne "null") { - foreach ($port in $vmcFirewallRule.Port) { - $ports+=$port - } - } - $serviceSpec.port = $ports - $addSpec = $appSpec.service.Add($serviceSpec) - - # Create Source Spec - $srcSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.source.Create() - $srcSpec.exclude = $false - # Process Source Address from JSON - $sourceAddess = @() - if($vmcFirewallRule.SourceAddress -ne "null") { - foreach ($address in $vmcFirewallRule.SourceAddress) { - $sourceAddess+=$address - } - } - $srcSpec.ip_address = $sourceAddess; - - # Create Destination Spec - $destSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.destination.Create() - $destSpec.exclude = $false - # Process Destination Address from JSON - $destinationAddess = @() - if($vmcFirewallRule.DestinationAddress -ne "null") { - foreach ($address in 
$vmcFirewallRule.DestinationAddress) { - $destinationAddess+=$address - } - } - $destSpec.ip_address = $destinationAddess - - # Add various specs - if($vmcFirewallRule.Protocol -ne $null -and $vmcFirewallRule.port -ne $null) { - $ruleElementSpec.application = $appSpec - } - - $ruleElementSpec.source = $srcSpec - $ruleElementSpec.destination = $destSpec - $ruleElementSpec.rule_type = "user" - - # Process Enabled from JSON - $fwEnabled = $false - if($vmcFirewallRule.Enabled -eq "true") { - $fwEnabled = $true - } - $ruleElementSpec.enabled = $fwEnabled - - # Process Logging from JSON - $loggingEnabled = $false - if($vmcFirewallRule.Logging -eq "true") { - $loggingEnabled = $true - } - $ruleElementSpec.logging_enabled = $loggingEnabled - - $ruleElementSpec.action = $vmcFirewallRule.Action - $ruleElementSpec.name = $vmcFirewallRule.Name - - # Add the individual FW rule spec into our overall firewall rules array - Write-host "Creating VMC Firewall Rule Spec:" $vmcFirewallRule.Name "..." - $ruleSpecAdd = $ruleSpec.Add($ruleElementSpec) - } - $firewallRules.firewall_rules = $ruleSpec - - Write-host "Adding VMC Firewall Rules ..." 
- $firewallRuleAdd = $firewallService.add($orgId,$sddcId,$EdgeId,$firewallRules) -} -Function Remove-VMCFirewallRule { -<# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Removes VMC Firewall Rule given Rule Id - .DESCRIPTION - Removes VMC Firewall Rule given Rule Id - .EXAMPLE - Remove-VMCFirewallRule -OrgName -SDDCName -GatewayType -RuleId - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$false)][String]$RuleId - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules - Write-Host "Removing VMC Firewall Rule Id $RuleId ..." 
- $firewallService.delete($orgId,$sddcId,$EdgeId,$RuleId)
-}
-Function Get-VMCLogicalNetwork {
- <#
- .NOTES
- ===========================================================================
- Created by: Kyle Ruddy
- Date: 03/06/2018
- Organization: VMware
- Blog: https://thatcouldbeaproblem.com
- Twitter: @kmruddy
- ===========================================================================
-
- .SYNOPSIS
- Retruns VMC Logical Networks for a given SDDC
- .DESCRIPTION
- Retruns VMC Logical Networks for a given SDDC
- .EXAMPLE
- Get-VMCLogicalNetwork -OrgName -SDDCName
- .EXAMPLE
- Get-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName
- #>
- param(
- [Parameter(Mandatory=$true)][String]$SDDCName,
- [Parameter(Mandatory=$true)][String]$OrgName,
- [Parameter(Mandatory=$false)][String]$LogicalNetworkName
-
- )
-
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
-
- if(-not $orgId) {
- Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
- break
- }
- if(-not $sddcId) {
- Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
- break
- }
-
- # @LucD22 - 21/10/18 - Fix for issue #176 VMware.VMC module only lists firts 20 Logical networks
- # Loop until entries (total_count) are returned
-
- $index = [long]0
-
- $logicalNetworks = do{
- $netData = $logicalNetworkService.get_0($orgId,$sddcId,$pagesize,$index)
- $netData.data | Sort-Object -Property id
- $index = $index + $netdata.paging_info.page_size
- }
- until($index -ge $netData.paging_info.total_count)
-
- if($LogicalNetworkName) {
- $logicalNetworks = $logicalNetworks | Where-Object {$_.Name -eq $LogicalNetworkName}
- }
-
- $results = @()
- foreach ($logicalNetwork in $logicalNetworks) {
- $tmp = [pscustomobject] @{
- ID = $logicalNetwork.id;
- Name = $logicalNetwork.name;
- SubnetMask = $logicalNetwork.subnets.address_groups.prefix_length;
- Gateway = $logicalNetwork.subnets.address_groups.primary_address;
- DHCPipRange = $logicalNetwork.dhcp_configs.ip_pools.ip_range;
- DHCPdomain = $logicalNetwork.dhcp_configs.ip_pools.domain_name;
- CGatewayID = $logicalNetwork.cgw_id;
- CGateway = $logicalNetwork.cgw_name;
- }
- $results+=$tmp
- }
- $results
-}
-Function Remove-VMCLogicalNetwork {
- <#
- .NOTES
- ===========================================================================
- Created by: Kyle Ruddy
- Date: 03/06/2018
- Organization: VMware
- Blog: https://thatcouldbeaproblem.com
- Twitter: @kmruddy
- ===========================================================================
-
- .SYNOPSIS
- Removes Logical Network given ID
- .DESCRIPTION
- Removes Logical Network given ID
- .EXAMPLE
- Remove-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName
- #>
- [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')]
- param(
- [Parameter(Mandatory=$true)][String]$SDDCName,
- [Parameter(Mandatory=$true)][String]$OrgName,
- [Parameter(Mandatory=$true)][String]$LogicalNetworkName
- )
-
- if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break }
-
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
- $lsId = (Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName).Id
-
- if(-not $orgId) {
- Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
- break
- }
- if(-not $sddcId) {
- Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
- break
- }
- if(-not $lsId) {
- Write-Host -ForegroundColor red "Unable to find SDDC $LogicalNetworkName, please verify input"
- break
- }
-
- $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical
- $logicalNetworkService.delete($orgId,$sddcId,$lsId)
-}
-Function New-VMCLogicalNetwork {
-<#
- .NOTES
- ===========================================================================
- Created by: Kyle Ruddy
- Date: 03/06/2018
- Organization: VMware
- Blog: https://thatcouldbeaproblem.com
- Twitter: @kmruddy
- ===========================================================================
-
- .SYNOPSIS
- Creates a new Logical Network
- .DESCRIPTION
- Creates a new Logical Network
- .EXAMPLE
- New-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName -SubnetMask -Gateway
-#>
- [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')]
- param(
- [Parameter(Mandatory=$true)][String]$SDDCName,
- [Parameter(Mandatory=$true)][String]$OrgName,
- [Parameter(Mandatory=$true)][String]$LogicalNetworkName,
- [Parameter(Mandatory=$true)][String]$SubnetMask,
- [Parameter(Mandatory=$true)][String]$Gateway
- )
-
- if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break }
-
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
-
- if(-not $orgId) {
- Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
- break
- }
- if(-not $sddcId) {
- Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
- break
- }
-
- $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical
- $logicalNetworkSpec = $logicalNetworkService.Help.create.sddc_network.Create()
- $logicalNetworkSpec.name = $LogicalNetworkName
- $logicalNetworkSpec.cgw_id = "edge-2"
- $logicalNetworkSpec.cgw_name = "SDDC-CGW-1"
- $logicalNetworkAddressGroupSpec = $logicalNetworkService.Help.create.sddc_network.subnets.address_groups.Element.Create()
- $logicalNetworkAddressGroupSpec.prefix_length = $SubnetMask
- $logicalNetworkAddressGroupSpec.primary_address = $Gateway
-
- $logicalNetworkSpec.subnets.address_groups.Add($logicalNetworkAddressGroupSpec) | Out-Null
- $logicalNetworkService.create($orgId, $sddcId, $logicalNetworkSpec)
- Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName
-}
-Function Get-VMCSDDCSummary {
- <#
- .NOTES
- ===========================================================================
- Created by: VMware
- Date: 09/04/18
- Organization: VMware
- Blog: https://www.virtuallyghetto.com
- Twitter: @lamw
- ===========================================================================
-
- .SYNOPSIS
- Returns a number of useful informational data about a given SDDC within VMC Org
- .DESCRIPTION
- Returns Version, Create/Expiration Date, Deployment Type, Region, AZ, Instance Type, VPC CIDR & NSX-T
- .EXAMPLE
- Get-VMCSDDCSummary -Name -Org
- #>
- Param (
- [Parameter(Mandatory=$True)]$OrgName,
- [Parameter(Mandatory=$True)]$SDDCName
- )
-
- If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
- $orgId = (Get-VMCOrg -Name $Org).Id
- $sddcId = (Get-VMCSDDC -Name $Name -Org $Org).Id
-
- $sddcService = Get-VmcService "com.vmware.vmc.orgs.sddcs"
- $sddc = $sddcService.get($orgId,$sddcId)
-
- $results = [pscustomobject] @{
- Version = $sddc.resource_config.sddc_manifest.vmc_version;
- CreateDate = $sddc.created;
- ExpirationDate = $sddc.expiration_date;
- DeploymentType = $sddc.resource_config.deployment_type;
- Region = $sddc.resource_config.region;
- AvailabilityZone = $sddc.resource_config.availability_zones;
- InstanceType = $sddc.resource_config.sddc_manifest.esx_ami.instance_type;
- VpcCIDR = $sddc.resource_config.vpc_info.vpc_cidr;
- NSXT = $sddc.resource_config.nsxt;
- }
- $results
- }
-}
-Function Get-VMCPublicIP {
- <#
- .NOTES
- ===========================================================================
- Created by: William Lam
- Date: 09/12/2018
- Organization: VMware
- Blog: http://www.virtuallyghetto.com
- Twitter: @lamw
- ===========================================================================
-
- .SYNOPSIS
- Retrieves all public IP Addresses for a given SDDC
- .DESCRIPTION
- This cmdlet retrieves all public IP Address for a given SDDC
- .EXAMPLE
- Get-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName
- #>
- Param (
- [Parameter(Mandatory=$True)]$OrgName,
- [Parameter(Mandatory=$True)]$SDDCName
- )
-
- If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
-
- $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
- $publicIPs = $publicIPService.list($orgId,$sddcId)
-
- $publicIPs | select public_ip, name, allocation_id
- }
- }
-Function New-VMCPublicIP {
-<#
- .NOTES
- ===========================================================================
- Created by: William Lam
- Date: 09/12/2018
- Organization: VMware
- Blog: http://www.virtuallyghetto.com
- Twitter: @lamw
- ===========================================================================
-
- .SYNOPSIS
- Request a new public IP Address for a given SDDC
- .DESCRIPTION
- This cmdlet requests a new public IP Address for a given SDDC
- .EXAMPLE
- New-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -Description "Test for Randy"
-#>
- Param (
- [Parameter(Mandatory=$True)]$OrgName,
- [Parameter(Mandatory=$True)]$SDDCName,
- [Parameter(Mandatory=$False)]$Description
- )
-
- If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
-
- $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
-
- $publicIPSpec = $publicIPService.Help.create.spec.Create()
- $publicIPSpec.count = 1
- $publicIPSpec.names = @($Description)
-
- Write-Host "Requesting a new public IP Address for your SDDC ..."
- $results = $publicIPService.create($orgId,$sddcId,$publicIPSpec)
- }
-}
-Function Remove-VMCPublicIP {
-<#
- .NOTES
- ===========================================================================
- Created by: William Lam
- Date: 09/12/2018
- Organization: VMware
- Blog: http://www.virtuallyghetto.com
- Twitter: @lamw
- ===========================================================================
-
- .SYNOPSIS
- Removes a specific public IP Addresses for a given SDDC
- .DESCRIPTION
- This cmdlet removes a specific public IP Address for a given SDDC
- .EXAMPLE
- Remove-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -AllocationId "eipalloc-0567acf34e436c01f"
-#>
- Param (
- [Parameter(Mandatory=$True)]$OrgName,
- [Parameter(Mandatory=$True)]$SDDCName,
- [Parameter(Mandatory=$True)]$AllocationId
- )
-
- If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
-
- $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
-
- Write-Host "Deleting public IP Address with ID $AllocationId ..."
- $results = $publicIPService.delete($orgId,$sddcId,$AllocationId)
- }
-}
-Function Get-VMCEdge {
-<#
-.NOTES
-===========================================================================
-Created by: Luc Dekens
-Date: 23/10/2018
-Organization: Community
-Blog: http://lucd.info
-Twitter: @LucD22
-===========================================================================
-
-.SYNOPSIS
- Returns all the VMC Edges
-.DESCRIPTION
- Returns all the VMC Edges
-.EXAMPLE
- Get-VMCEdge -OrgName $orgName -SddcName $SDDCName -EdgeType gatewayServices
-#>
- Param (
- [Parameter(Mandatory=$True)]
- [string]$OrgName,
- [Parameter(Mandatory=$True)]
- [string]$SDDCName,
- [ValidateSet('gatewayServices','distributedRouter')]
- [string]$EdgeType = ''
- )
-
- If (-Not $global:DefaultVMCServers) {
- Write-error "No VMC Connection found, please use the Connect-VMC to connect"
- }
- Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
-
- $edgeService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges'
- $index = [long]0
- $edges = do{
- $edgeData = $edgeService.get($orgId,$sddcId,$EdgeType,'',$index)
- $edgeData.edge_page.data | Sort-Object -Property id
- $index = $index + $edgeData.edge_page.paging_info.page_size
- }
- until($index -ge $edgeData.paging_info.total_count)
- $edges | %{
- [pscustomobject]@{
- Name = $_.Name
- Id = $_.id
- Type = $_.edge_type
- State = $_.state
- Status = $_.edge_status
- VNics = $_.number_of_connected_vnics
- TenantId = $_.tenant_id
- }
- }
- }
-}
-Function Get-VMCEdgeStatus {
-<#
-.NOTES
-===========================================================================
-Created by: Luc Dekens
-Date: 23/10/2018
-Organization: Community
-Blog: http://lucd.info
-Twitter: @LucD22
-===========================================================================
-
-.SYNOPSIS
- Returns the status of the gateway
-.DESCRIPTION
- Retrieve the status of the specified management or compute gateway (NSX Edge).
-.EXAMPLE
- Get-VMCEdgeStatus -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
-#>
- Param (
- [Parameter(Mandatory=$True)]
- [string]$OrgName,
- [Parameter(Mandatory=$True)]
- [string]$SDDCName,
- [Parameter(Mandatory=$True)]
- [string]$EdgeName
- )
-
- If (-Not $global:DefaultVMCServers) {
- Write-error "No VMC Connection found, please use the Connect-VMC to connect"
- }
- Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
- $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
-
- $statusService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.status'
- $status = $statusService.get($orgId,$sddcId,$edgeId)
-
- $vmStatus = $status.edge_vm_status | %{
- [pscustomobject]@{
- Name = $_.name
- State = $_.edge_VM_status
- HAState = $_.ha_state
- Index = $_.index
- }
- }
- $featureStatus = $status.feature_statuses | %{
- [pscustomobject]@{
- Service = $_.service
- Status = $_.status
- }
- }
- [pscustomobject]@{
- Time = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($status.timestamp/1000))
- Status = $status.edge_status
- PublishStatus = $status.publish_status
- SystemStatus = $_.system_status
- NicInUse = $status.ha_vnic_in_use
- }
- }
-}
-Function Get-VMCEdgeNic {
-<#
-.NOTES
-===========================================================================
-Created by: Luc Dekens
-Date: 23/10/2018
-Organization: Community
-Blog: http://lucd.info
-Twitter: @LucD22
-===========================================================================
-
-.SYNOPSIS
- Returns all interfaces for the gateway
-.DESCRIPTION
- Retrieve all interfaces for the specified management or compute gateway (NSX Edge).
-.EXAMPLE
- Get-VMCEdgeNic -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
-#>
- Param (
- [Parameter(Mandatory=$True)]
- [string]$OrgName,
- [Parameter(Mandatory=$True)]
- [string]$SDDCName,
- [Parameter(Mandatory=$True)]
- [string]$EdgeName
- )
-
- If (-Not $global:DefaultVMCServers) {
- Write-error "No VMC Connection found, please use the Connect-VMC to connect"
- }
- Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
- $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
-
- $vnicService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.vnics'
- $vnicService.get($orgId,$sddcId,$edgeId) | select -ExpandProperty vnics | %{
- [pscustomobject]@{
- Label = $_.label
- Name = $_.Name
- Type = $_.type
- Index = $_.index
- IsConnected = $_.is_connected
- Portgroup = $_.portgroup_name
- }
- }
- }
-}
-Function Get-VMCEdgeNicStat {
-<#
-.NOTES
-===========================================================================
-Created by: Luc Dekens
-Date: 23/10/2018
-Organization: Community
-Blog: http://lucd.info
-Twitter: @LucD22
-===========================================================================
-
-.SYNOPSIS
- Returns statistics for the gateway interfaces
-.DESCRIPTION
- Retrieve interface statistics for a management or compute gateway (NSX Edge).
-.EXAMPLE
- Get-VMCEdgeNicStat -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
-#>
- [CmdletBinding(DefaultParameterSetName='Default')]
- Param (
- [Parameter(Mandatory=$True)]
- [string]$OrgName,
- [Parameter(Mandatory=$True)]
- [string]$SDDCName,
- [Parameter(Mandatory=$True)]
- [string]$EdgeName
-# [DateTime]$Start,
-# [DateTime]$Finish
- )
-
- If (-Not $global:DefaultVMCServers) {
- Write-error "No VMC Connection found, please use the Connect-VMC to connect"
- }
- Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
- $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
-
-# $epoch = Get-Date 01/01/1970
-#
-# if($start){
-# $startEpoch = (New-TimeSpan -Start $epoch -End $Start.ToUniversalTime()).TotalMilliseconds
-# }
-# if($Finish){
-# $finishEpoch = (New-TimeSpan -Start $epoch -End $Finish.ToUniversalTime()).TotalMilliseconds
-# }
-
- $vnicStatService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.statistics.interfaces'
-# $stats = $vnicStatService.get($orgId,$sddcId,$edgeId,[long]$startEpoch,[long]$finishEpoch)
- $stats = $vnicStatService.get($orgId,$sddcId,$edgeId)
-
- $stats.data_dto | Get-Member -MemberType NoteProperty | where{$_.Name -ne 'Help'} | %{$_.Name} | %{
- $stats.data_dto."$_" | %{
- [pscustomobject]@{
- vNIC = $_.vnic
- Timestamp = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($_.timestamp))
- In = $_.in
- Out = $_.out
- Unit = 'Kbps'
- Interval = $stats.meta_dto.interval
- }
- }
- }
- }
-}
-Function Get-VMCEdgeUplinkStat {
-<#
-.NOTES
-===========================================================================
-Created by: Luc Dekens
-Date: 23/10/2018
-Organization: Community
-Blog: http://lucd.info
-Twitter: @LucD22
-===========================================================================
-
-.SYNOPSIS
- Returns statistics for the uplink interfaces
-.DESCRIPTION
- Retrieve uplink interface statistics for a management or compute gateway (NSX Edge).
-.EXAMPLE
- Get-VMCEdgeUplinkStat -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
-#>
- Param (
- [Parameter(Mandatory=$True)]
- [string]$OrgName,
- [Parameter(Mandatory=$True)]
- [string]$SDDCName,
- [Parameter(Mandatory=$True)]
- [string]$EdgeName
-# [DateTime]$Start,
-# [DateTime]$Finish
- )
-
- If (-Not $global:DefaultVMCServers) {
- Write-error "No VMC Connection found, please use the Connect-VMC to connect"
- }
- Else {
- $orgId = (Get-VMCOrg -Name $OrgName).Id
- $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
- $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
-
-# $epoch = Get-Date 01/01/1970
-#
-# if($start){
-# $startEpoch = (New-TimeSpan -Start $epoch -End $Start.ToUniversalTime()).TotalMilliseconds
-# }
-# if($Finish){
-# $finishEpoch = (New-TimeSpan -Start $epoch -End $Finish.ToUniversalTime()).TotalMilliseconds
-# }
-
- $uplinkStatService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.statistics.interfaces.uplink'
-# $stats = $uplinkStatService.get($orgId,$sddcId,$edgeId,[long]$startEpoch,[long]$finishEpoch)
- $stats = $uplinkStatService.get($orgId,$sddcId,$edgeId)
-
- $stats.data_dto | Get-Member -MemberType NoteProperty | where{$_.Name -ne 'Help'} | %{$_.Name} | %{
- if($stats.data_dto."$_".Count -ne 0){
- $stats.data_dto."$_" | %{
- [pscustomobject]@{
- vNIC = $_.vnic
- Timestamp = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($_.timestamp))
- In = $_.in
- Out = $_.out
- Unit = 'Kbps'
- Interval = $stats.meta_dto.interval
- }
- }
- }
- }
- }
-}
-
-Export-ModuleMember -Function 'Get-VMCCommand', 'Connect-VMCVIServer', 'Get-VMCOrg', 'Get-VMCSDDC',
- 'Get-VMCTask', 'Get-VMCSDDCDefaultCredential', 'Get-VMCSDDCPublicIP', 'Get-VMCVMHost',
- 'Get-VMCSDDCVersion', 'Get-VMCFirewallRule', 'Export-VMCFirewallRule', 'Import-VMCFirewallRule',
- 'Remove-VMCFirewallRule', 'Get-VMCLogicalNetwork', 'Remove-VMCLogicalNetwork', 'New-VMCLogicalNetwork',
- 'Get-VMCSDDCSummary', 'Get-VMCPublicIP', 'New-VMCPublicIP', 'Remove-VMCPublicIP',
- 'Get-VMCEdge', 'Get-VMCEdgeNic', 'Get-VMCEdgeStatus', 'Get-VMCEdgeNicStat', 'Get-VMCEdgeUplinkStat'
+Function Get-VMCCommand {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Returns all cmdlets for VMware Cloud on AWS
+ .DESCRIPTION
+ This cmdlet will allow you to return all cmdlets included in the VMC module
+ .EXAMPLE
+ Get-VMCCommand
+ .EXAMPLE
+ Get-Command -Module VMware.VMC
+ .NOTES
+ You can either use this cmdlet or the Get-Command cmdlet as seen in Example 2
+#>
+ Get-command -Module VMware.VimAutomation.Vmc
+ Get-Command -Module VMware.VMC
+
+}
+Function Connect-VMCVIServer {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Cmdlet to connect to your VMC vCenter Server
+ .DESCRIPTION
+ This will connect you to both the VMC ViServer as well as the CiSServer at the same time.
+ .EXAMPLE
+ Connect-VMCVIServer -Server -User -Password
+ .NOTES
+ Easiest way is to pipe through your credentials from Get-VMCSDDCDefaultCredential
+#>
+ Param (
+ [Parameter(Mandatory=$true)]$Org,
+ [Parameter(Mandatory=$true)]$Sddc,
+ [switch]$Autologin
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ $creds = Get-VMCSDDCDefaultCredential -Org $Org -Sddc $Sddc
+ Write-Host "Connecting to VMC vCenter Server" $creds.vc_public_ip
+ Connect-VIServer -Server $creds.vc_public_ip -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC"
+ Write-Host "Connecting to VMC CIS Endpoint" $creds.vc_public_ip
+ Connect-CisServer -Server $creds.vc_public_ip -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC"
+ }
+}
+Function Get-VMCOrg {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Return the Orgs that you are a part of
+ .DESCRIPTION
+ Depending on what you've purchased, you may be a part of one or more VMC Orgs. This will return your orgs
+ .EXAMPLE
+ Get-VMCOrg
+ .EXAMPLE
+ Get-VMCOrg -Name
+ .NOTES
+ Return all the info about the orgs you are a part of
+#>
+ Param (
+ [Parameter(Mandatory=$false)]$Name
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use Connect-VMC to connect" } Else {
+ $orgService = Get-VMCService com.vmware.vmc.orgs
+ if ($PSBoundParameters.ContainsKey("Name")){
+ $orgs = $orgService.list() | Where {$_.display_name -match $Name}
+ } Else {
+ $orgs = $orgService.list()
+ }
+ $Orgs | Select display_name, name, user_name, created, id
+ }
+}
+Function Get-VMCSDDC {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Returns all of the SDDCs you are associated to
+ .DESCRIPTION
+ Returns all of the SDDCs ayou are associated to
+ .EXAMPLE
+ Get-VMCSDDC -Org
+ .EXAMPLE
+ Get-VMCSDDC -Name -Org
+#>
+ Param (
+ [Parameter(Mandatory=$True)]$Org,
+ [Parameter(Mandatory=$false)]$Name
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ if ($PSBoundParameters.ContainsKey("Org")){
+ $orgs = Get-VMCOrg -Name $Org
+ } else {
+ $orgs = Get-VMCOrg
+ }
+
+ foreach ($org in $orgs) {
+ $orgID = $org.ID
+ $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs
+ if ($PSBoundParameters.ContainsKey("Name")){
+ $sddcService.list($OrgID) | Where {$_.name -match $Name}
+ } Else {
+ $sddcService.list($OrgID)
+ }
+ }
+ }
+}
+Function Get-VMCTask {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Returns all of the VMC Tasks
+ .DESCRIPTION
+ Returns all of the VMC Tasks that have either occurred or are in process
+ .EXAMPLE
+ Get-VMCTask
+#>
+ Param (
+ [Parameter(Mandatory=$True)]$Org
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ if ($PSBoundParameters.ContainsKey("Org")){
+ $orgs = Get-VMCOrg -Name $Org
+ } else {
+ $orgs = Get-VMCOrg
+ }
+
+ foreach ($org in $orgs) {
+ $orgID = $org.ID
+ $taskService = Get-VMCService com.vmware.vmc.orgs.tasks
+ $taskService.list($OrgID) | Select * -ExcludeProperty Help
+ }
+ }
+}
+Function Get-VMCSDDCDefaultCredential {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Returns the default credential for the SDDC
+ .DESCRIPTION
+ Returns the default credential for the sddc
+ .EXAMPLE
+ Get-VMCSDDCDefaultCredential -Org
+ .EXAMPLE
+ Get-VMCSDDCDefaultCredential -Sddc -Org
+#>
+ Param (
+ [Parameter(Mandatory=$true)]$Org,
+ [Parameter(Mandatory=$false)]$Sddc
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ if ($PSBoundParameters.ContainsKey("Sddc")){
+ $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org
+ } else {
+ $sddcs = Get-VMCSDDC -Org $Org
+ }
+
+ foreach ($sddc in $sddcs) {
+ $sddc.resource_config | Select-object vc_url, vc_management_ip, vc_public_ip, cloud_username, cloud_password
+ }
+ }
+}
+Function Get-VMCSDDCPublicIP {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Returns your Public IPs
+ .DESCRIPTION
+ Returns your Public IPs
+ .EXAMPLE
+ Get-VMCSDDCPublicIP -Org
+ .EXAMPLE
+ Get-VMCSDDCPublicIP -Sddc -Org
+ .NOTES
+ Return your Public IPs that you have assigned to your account
+#>
+ Param (
+ [Parameter(Mandatory=$true)]$Org,
+ [Parameter(Mandatory=$false)]$Sddc
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ if ($PSBoundParameters.ContainsKey("Sddc")){
+ $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org
+ } else {
+ $sddcs = Get-VMCSDDC -Org $Org
+ }
+
+ foreach ($sddc in $sddcs) {
+ $sddc.resource_config.Public_ip_pool
+ }
+ }
+}
+Function Get-VMCVMHost {
+ Param (
+ [Parameter(Mandatory=$false)]$Sddc,
+ [Parameter(Mandatory=$true)]$Org
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ if ($PSBoundParameters.ContainsKey("Sddc")){
+ $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org
+ } else {
+ $sddcs = Get-VMCSDDC -Org $Org
+ }
+
+ $results = @()
+ foreach ($sddc in $sddcs) {
+ foreach ($vmhost in $sddc.resource_config.esx_hosts) {
+ $tmp = [pscustomobject] @{
+ esx_id = $vmhost.esx_id;
+ name = $vmhost.name;
+ hostname = $vmhost.hostname;
+ esx_state = $vmhost.esx_state;
+ sddc_id = $sddc.id;
+ org_id = $sddc.org_id;
+ }
+ $results += $tmp
+ }
+ $results
+ }
+ }
+}
+Function Get-VMCSDDCVersion {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 11/17/2017
+ Organization: VMware
+ Blog: http://vmware.com/go/powercli
+ Twitter: @powercli
+ ===========================================================================
+
+ .SYNOPSIS
+ Returns SDDC Version
+ .DESCRIPTION
+ Returns Version of the SDDC
+ .EXAMPLE
+ Get-VMCSDDCVersion -Name -Org
+#>
+ Param (
+ [Parameter(Mandatory=$True)]$Org,
+ [Parameter(Mandatory=$false)]$Name
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ if ($PSBoundParameters.ContainsKey("Org")){
+ $orgs = Get-VMCOrg -Name $Org
+ } else {
+ $orgs = Get-VMCOrg
+ }
+
+ foreach ($org in $orgs) {
+ $orgID = $org.ID
+ $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs
+ if ($PSBoundParameters.ContainsKey("Name")){
+ ($sddcService.list($OrgID) | Where {$_.name -match $Name}).resource_config.sddc_manifest | Select *version
+ } Else {
+ ($sddcService.list($OrgID)).resource_config.sddc_manifest | Select *version
+ }
+ }
+ }
+}
+Function Get-VMCFirewallRule {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 11/19/2017
+ Organization: VMware
+ Blog: https://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Retruns VMC Firewall Rules for a given Gateway (MGW or CGW)
+ .DESCRIPTION
+ Retruns VMC Firewall Rules for a given Gateway (MGW or CGW)
+ .EXAMPLE
+ Get-VMCFirewallRule -OrgName -SDDCName -GatewayType
+ .EXAMPLE
+ Get-VMCFirewallRule -OrgName -SDDCName -GatewayType -ShowAll
+ #>
+ param(
+ [Parameter(Mandatory=$false)][String]$SDDCName,
+ [Parameter(Mandatory=$false)][String]$OrgName,
+ [Parameter(Mandatory=$false)][Switch]$ShowAll,
+ [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType
+ )
+
+ if($GatewayType -eq "MGW") {
+ $EdgeId = "edge-1"
+ } else {
+ $EdgeId = "edge-2"
+ }
+
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config
+
+ $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules
+ if(-not $ShowAll) {
+ $firewallRules = $firewallRules | where { $_.rule_type -ne "default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag
+ } else {
+ $firewallRules = $firewallRules | Sort-Object -Property rule_tag
+ }
+
+ $results = @()
+ foreach ($firewallRule in $firewallRules) {
+ if($firewallRule.source.ip_address.Count -ne 0) {
+ $source = $firewallRule.source.ip_address
+ } else { $source = "ANY" }
+
+ if($firewallRule.application.service.protocol -ne $null) {
+ $protocol = $firewallRule.application.service.protocol
+ } else { $protocol = "ANY" }
+
+ if($firewallRule.application.service.port -ne $null) {
+ $port = $firewallRule.application.service.port
+ } else { $port = "ANY" }
+
+ $tmp = [pscustomobject] @{
+ ID = $firewallRule.rule_id;
+ Name = $firewallRule.name;
+ Type = $firewallRule.rule_type;
+ Action = $firewallRule.action;
+ Protocol = $protocol;
+ Port = $port;
+ SourceAddress = $source
+ DestinationAddress = $firewallRule.destination.ip_address;
+ }
+ $results+=$tmp
+ }
+ $results
+ }
+Function Export-VMCFirewallRule {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 11/19/2017
+ Organization: VMware
+ Blog: https://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Exports all "customer" created VMC Firewall Rules to JSON file
+ .DESCRIPTION
+ Exports all "customer" created VMC Firewall Rules to JSON file
+ .EXAMPLE
+ Export-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json"
+ #>
+ param(
+ [Parameter(Mandatory=$false)][String]$SDDCName,
+ [Parameter(Mandatory=$false)][String]$OrgName,
+ [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType,
+ [Parameter(Mandatory=$false)][String]$Path
+ )
+
+ if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break }
+
+ if($GatewayType -eq "MGW") {
+ $EdgeId = "edge-1"
+ } else {
+ $EdgeId = "edge-2"
+ }
+
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ if(-not $orgId) {
+ Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
+ break
+ }
+ if(-not $sddcId) {
+ Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
+ break
+ }
+
+ $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config
+
+ $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules
+ if(-not $ShowAll) {
+ $firewallRules = $firewallRules | where { $_.rule_type -ne "default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag
+ } else {
+ $firewallRules = $firewallRules | Sort-Object -Property rule_tag
+ }
+
+ $results = @()
+ $count = 0
+ foreach ($firewallRule in $firewallRules) {
+ if($firewallRule.source.ip_address.Count -ne 0) {
+ $source = $firewallRule.source.ip_address
+ } else {
+ $source = "ANY"
+ }
+
+ $tmp = [pscustomobject] @{
+ Name = $firewallRule.name;
+ Action = $firewallRule.action;
+ Protocol = $firewallRule.application.service.protocol;
+ Port = $firewallRule.application.service.port;
+ SourcePort = $firewallRule.application.service.source_port;
+ ICMPType = $firewallRule.application.service.icmp_type;
+ SourceAddress = $firewallRule.source.ip_address;
+ DestinationAddress = $firewallRule.destination.ip_address;
+ Enabled = $firewallRule.enabled;
+ Logging = $firewallRule.logging_enabled;
+ }
+ $count+=1
+ $results+=$tmp
+ }
+ if($Path) {
+ Write-Host -ForegroundColor Green "Exporting $count VMC Firewall Rules to $Path ..."
+ $results | ConvertTo-Json | Out-File $Path
+ } else {
+ $results | ConvertTo-Json
+ }
+}
+Function Import-VMCFirewallRule {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 11/19/2017
+ Organization: VMware
+ Blog: https://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Imports VMC Firewall Rules from exported JSON configuration file
+ .DESCRIPTION
+ Imports VMC Firewall Rules from exported JSON configuration file
+ .EXAMPLE
+ Import-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json"
+ #>
+ param(
+ [Parameter(Mandatory=$false)][String]$SDDCName,
+ [Parameter(Mandatory=$false)][String]$OrgName,
+ [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType,
+ [Parameter(Mandatory=$false)][String]$Path
+ )
+
+ if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break }
+
+ if($GatewayType -eq "MGW") {
+ $EdgeId = "edge-1"
+ } else {
+ $EdgeId = "edge-2"
+ }
+
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ if(-not $orgId) {
+ Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
+ break
+ }
+ if(-not $sddcId) {
+ Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
+ break
+ }
+
+ $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules
+
+ $vmcFirewallRulesJSON = Get-Content -Raw $Path | ConvertFrom-Json
+
+ # Create top level Firewall Rules Object
+ $firewallRules = $firewallService.Help.add.firewall_rules.Create()
+ # Create top top level Firewall Rule Spec which will be an array of individual Firewall rules as we process them in next section
+ $ruleSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Create()
+
+ foreach ($vmcFirewallRule in $vmcFirewallRulesJSON) {
+ # Create Individual Firewall Rule Element Spec
+ $ruleElementSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.Create()
+
+ # AppSpec
+ $appSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.Create()
+ # ServiceSpec
+ $serviceSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.service.Element.Create()
+
+ $protocol = $null
+ if($vmcFirewallRule.Protocol -ne $null) {
+ $protocol = $vmcFirewallRule.Protocol
+ }
+ $serviceSpec.protocol = $protocol
+
+ # Process ICMP Type from JSON
+ $icmpType = $null
+ if($vmcFirewallRule.ICMPType -ne $null) {
+ $icmpType = $vmcFirewallRule.ICMPType
+ }
+ $serviceSpec.icmp_type = $icmpType
+
+ # Process Source Ports from JSON
+ $sourcePorts = @()
+ if($vmcFirewallRule.SourcePort -eq "any" -or $vmcFirewallRule.SourcePort -ne $null) {
+ foreach ($port in $vmcFirewallRule.SourcePort) {
+ $sourcePorts+=$port
+ }
+ } else {
+ $sourcePorts = @("any")
+ }
+ $serviceSpec.source_port = $sourcePorts
+
+ # Process Ports from JSON
+ $ports = @()
+ if($vmcFirewallRule.Port -ne "null") {
+ foreach ($port in $vmcFirewallRule.Port) {
+ $ports+=$port
+ }
+ }
+ $serviceSpec.port = $ports
+ $addSpec = $appSpec.service.Add($serviceSpec)
+
+ # Create Source Spec
+ $srcSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.source.Create()
+ $srcSpec.exclude = $false
+ # Process Source Address from JSON
+ $sourceAddess = @()
+ if($vmcFirewallRule.SourceAddress -ne "null") {
+ foreach ($address in $vmcFirewallRule.SourceAddress) {
+ $sourceAddess+=$address
+ }
+ }
+ $srcSpec.ip_address = $sourceAddess;
+
+ # Create Destination Spec
+ $destSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.destination.Create()
+ $destSpec.exclude = $false
+ # Process Destination Address from JSON
+ $destinationAddess = @()
+ if($vmcFirewallRule.DestinationAddress -ne "null") {
+ foreach ($address in
$vmcFirewallRule.DestinationAddress) {
+ $destinationAddess+=$address
+ }
+ }
+ $destSpec.ip_address = $destinationAddess
+
+ # Add various specs
+ if($vmcFirewallRule.Protocol -ne $null -and $vmcFirewallRule.port -ne $null) {
+ $ruleElementSpec.application = $appSpec
+ }
+
+ $ruleElementSpec.source = $srcSpec
+ $ruleElementSpec.destination = $destSpec
+ $ruleElementSpec.rule_type = "user"
+
+ # Process Enabled from JSON
+ $fwEnabled = $false
+ if($vmcFirewallRule.Enabled -eq "true") {
+ $fwEnabled = $true
+ }
+ $ruleElementSpec.enabled = $fwEnabled
+
+ # Process Logging from JSON
+ $loggingEnabled = $false
+ if($vmcFirewallRule.Logging -eq "true") {
+ $loggingEnabled = $true
+ }
+ $ruleElementSpec.logging_enabled = $loggingEnabled
+
+ $ruleElementSpec.action = $vmcFirewallRule.Action
+ $ruleElementSpec.name = $vmcFirewallRule.Name
+
+ # Add the individual FW rule spec into our overall firewall rules array
+ Write-host "Creating VMC Firewall Rule Spec:" $vmcFirewallRule.Name "..."
+ $ruleSpecAdd = $ruleSpec.Add($ruleElementSpec)
+ }
+ $firewallRules.firewall_rules = $ruleSpec
+
+ Write-host "Adding VMC Firewall Rules ..."
+ $firewallRuleAdd = $firewallService.add($orgId,$sddcId,$EdgeId,$firewallRules)
+}
+Function Remove-VMCFirewallRule {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 11/19/2017
+ Organization: VMware
+ Blog: https://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Removes VMC Firewall Rule given Rule Id
+ .DESCRIPTION
+ Removes VMC Firewall Rule given Rule Id
+ .EXAMPLE
+ Remove-VMCFirewallRule -OrgName -SDDCName -GatewayType -RuleId
+ #>
+ param(
+ [Parameter(Mandatory=$false)][String]$SDDCName,
+ [Parameter(Mandatory=$false)][String]$OrgName,
+ [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType,
+ [Parameter(Mandatory=$false)][String]$RuleId
+ )
+
+ if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break }
+
+ if($GatewayType -eq "MGW") {
+ $EdgeId = "edge-1"
+ } else {
+ $EdgeId = "edge-2"
+ }
+
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ if(-not $orgId) {
+ Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
+ break
+ }
+ if(-not $sddcId) {
+ Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
+ break
+ }
+
+ $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules
+ Write-Host "Removing VMC Firewall Rule Id $RuleId ..."
+ $firewallService.delete($orgId,$sddcId,$EdgeId,$RuleId)
+}
+Function Get-VMCLogicalNetwork {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: Kyle Ruddy
+ Date: 03/06/2018
+ Organization: VMware
+ Blog: https://thatcouldbeaproblem.com
+ Twitter: @kmruddy
+ ===========================================================================
+
+ .SYNOPSIS
+ Retruns VMC Logical Networks for a given SDDC
+ .DESCRIPTION
+ Retruns VMC Logical Networks for a given SDDC
+ .EXAMPLE
+ Get-VMCLogicalNetwork -OrgName -SDDCName
+ .EXAMPLE
+ Get-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName
+ #>
+ param(
+ [Parameter(Mandatory=$true)][String]$SDDCName,
+ [Parameter(Mandatory=$true)][String]$OrgName,
+ [Parameter(Mandatory=$false)][String]$LogicalNetworkName
+
+ )
+
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ if(-not $orgId) {
+ Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
+ break
+ }
+ if(-not $sddcId) {
+ Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
+ break
+ }
+
+ # @LucD22 - 21/10/18 - Fix for issue #176 VMware.VMC module only lists firts 20 Logical networks
+ # Loop until entries (total_count) are returned
+
+ $index = [long]0
+
+ $logicalNetworks = do{
+ $netData = $logicalNetworkService.get_0($orgId,$sddcId,$pagesize,$index)
+ $netData.data | Sort-Object -Property id
+ $index = $index + $netdata.paging_info.page_size
+ }
+ until($index -ge $netData.paging_info.total_count)
+
+ if($LogicalNetworkName) {
+ $logicalNetworks = $logicalNetworks | Where-Object {$_.Name -eq $LogicalNetworkName}
+ }
+
+ $results = @()
+ foreach ($logicalNetwork in $logicalNetworks) {
+ $tmp = [pscustomobject] @{
+ ID = $logicalNetwork.id;
+ Name = $logicalNetwork.name;
+ SubnetMask = $logicalNetwork.subnets.address_groups.prefix_length;
+ Gateway =
$logicalNetwork.subnets.address_groups.primary_address;
+ DHCPipRange = $logicalNetwork.dhcp_configs.ip_pools.ip_range;
+ DHCPdomain = $logicalNetwork.dhcp_configs.ip_pools.domain_name;
+ CGatewayID = $logicalNetwork.cgw_id;
+ CGateway = $logicalNetwork.cgw_name;
+ }
+ $results+=$tmp
+ }
+ $results
+}
+Function Remove-VMCLogicalNetwork {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: Kyle Ruddy
+ Date: 03/06/2018
+ Organization: VMware
+ Blog: https://thatcouldbeaproblem.com
+ Twitter: @kmruddy
+ ===========================================================================
+
+ .SYNOPSIS
+ Removes Logical Network given ID
+ .DESCRIPTION
+ Removes Logical Network given ID
+ .EXAMPLE
+ Remove-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName
+ #>
+ [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')]
+ param(
+ [Parameter(Mandatory=$true)][String]$SDDCName,
+ [Parameter(Mandatory=$true)][String]$OrgName,
+ [Parameter(Mandatory=$true)][String]$LogicalNetworkName
+ )
+
+ if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break }
+
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+ $lsId = (Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName).Id
+
+ if(-not $orgId) {
+ Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
+ break
+ }
+ if(-not $sddcId) {
+ Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
+ break
+ }
+ if(-not $lsId) {
+ Write-Host -ForegroundColor red "Unable to find SDDC $LogicalNetworkName, please verify input"
+ break
+ }
+
+ $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical
+ $logicalNetworkService.delete($orgId,$sddcId,$lsId)
+}
+Function New-VMCLogicalNetwork {
+<#
+ .NOTES
+
===========================================================================
+ Created by: Kyle Ruddy
+ Date: 03/06/2018
+ Organization: VMware
+ Blog: https://thatcouldbeaproblem.com
+ Twitter: @kmruddy
+ ===========================================================================
+
+ .SYNOPSIS
+ Creates a new Logical Network
+ .DESCRIPTION
+ Creates a new Logical Network
+ .EXAMPLE
+ New-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName -SubnetMask -Gateway
+#>
+ [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')]
+ param(
+ [Parameter(Mandatory=$true)][String]$SDDCName,
+ [Parameter(Mandatory=$true)][String]$OrgName,
+ [Parameter(Mandatory=$true)][String]$LogicalNetworkName,
+ [Parameter(Mandatory=$true)][String]$SubnetMask,
+ [Parameter(Mandatory=$true)][String]$Gateway
+ )
+
+ if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break }
+
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ if(-not $orgId) {
+ Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input"
+ break
+ }
+ if(-not $sddcId) {
+ Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input"
+ break
+ }
+
+ $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical
+ $logicalNetworkSpec = $logicalNetworkService.Help.create.sddc_network.Create()
+ $logicalNetworkSpec.name = $LogicalNetworkName
+ $logicalNetworkSpec.cgw_id = "edge-2"
+ $logicalNetworkSpec.cgw_name = "SDDC-CGW-1"
+ $logicalNetworkAddressGroupSpec = $logicalNetworkService.Help.create.sddc_network.subnets.address_groups.Element.Create()
+ $logicalNetworkAddressGroupSpec.prefix_length = $SubnetMask
+ $logicalNetworkAddressGroupSpec.primary_address = $Gateway
+
+ $logicalNetworkSpec.subnets.address_groups.Add($logicalNetworkAddressGroupSpec) | Out-Null
+ $logicalNetworkService.create($orgId, $sddcId, $logicalNetworkSpec)
+
Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName
+}
+Function Get-VMCSDDCSummary {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: VMware
+ Date: 09/04/18
+ Organization: VMware
+ Blog: https://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Returns a number of useful informational data about a given SDDC within VMC Org
+ .DESCRIPTION
+ Returns Version, Create/Expiration Date, Deployment Type, Region, AZ, Instance Type, VPC CIDR & NSX-T
+ .EXAMPLE
+ Get-VMCSDDCSummary -Name -Org
+ #>
+ Param (
+ [Parameter(Mandatory=$True)]$OrgName,
+ [Parameter(Mandatory=$True)]$SDDCName
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ $orgId = (Get-VMCOrg -Name $Org).Id
+ $sddcId = (Get-VMCSDDC -Name $Name -Org $Org).Id
+
+ $sddcService = Get-VmcService "com.vmware.vmc.orgs.sddcs"
+ $sddc = $sddcService.get($orgId,$sddcId)
+
+ $results = [pscustomobject] @{
+ Version = $sddc.resource_config.sddc_manifest.vmc_version;
+ CreateDate = $sddc.created;
+ ExpirationDate = $sddc.expiration_date;
+ DeploymentType = $sddc.resource_config.deployment_type;
+ Region = $sddc.resource_config.region;
+ AvailabilityZone = $sddc.resource_config.availability_zones;
+ InstanceType = $sddc.resource_config.sddc_manifest.esx_ami.instance_type;
+ VpcCIDR = $sddc.resource_config.vpc_info.vpc_cidr;
+ NSXT = $sddc.resource_config.nsxt;
+ }
+ $results
+ }
+}
+Function Get-VMCPublicIP {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 09/12/2018
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Retrieves all public IP Addresses for a
given SDDC
+ .DESCRIPTION
+ This cmdlet retrieves all public IP Address for a given SDDC
+ .EXAMPLE
+ Get-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName
+ #>
+ Param (
+ [Parameter(Mandatory=$True)]$OrgName,
+ [Parameter(Mandatory=$True)]$SDDCName
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
+ $publicIPs = $publicIPService.list($orgId,$sddcId)
+
+ $publicIPs | select public_ip, name, allocation_id
+ }
+}
+
+Function New-VMCPublicIP {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 09/12/2018
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Request a new public IP Address for a given SDDC
+ .DESCRIPTION
+ This cmdlet requests a new public IP Address for a given SDDC
+ .EXAMPLE
+ New-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -Description "Test for Randy"
+ #>
+ Param (
+ [Parameter(Mandatory=$True)]$OrgName,
+ [Parameter(Mandatory=$True)]$SDDCName,
+ [Parameter(Mandatory=$False)]$Description
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
+
+ $publicIPSpec = $publicIPService.Help.create.spec.Create()
+ $publicIPSpec.count = 1
+ $publicIPSpec.names = @($Description)
+
+ Write-Host "Requesting a new public IP Address for your SDDC ..."
+ $results = $publicIPService.create($orgId,$sddcId,$publicIPSpec)
+ }
+}
+
+Function Remove-VMCPublicIP {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 09/12/2018
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Removes a specific public IP Addresses for a given SDDC
+ .DESCRIPTION
+ This cmdlet removes a specific public IP Address for a given SDDC
+ .EXAMPLE
+ Remove-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -AllocationId "eipalloc-0567acf34e436c01f"
+ #>
+ Param (
+ [Parameter(Mandatory=$True)]$OrgName,
+ [Parameter(Mandatory=$True)]$SDDCName,
+ [Parameter(Mandatory=$True)]$AllocationId
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
+
+ Write-Host "Deleting public IP Address with ID $AllocationId ..."
+ $results = $publicIPService.delete($orgId,$sddcId,$AllocationId)
+ }
+}
+
+Function Set-VMCSDDC {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 01/12/2019
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Rename an SDDC
+ .DESCRIPTION
+ This cmdlet renames an SDDC
+ .EXAMPLE
+ Set-VMCSDDC -SDDC $SDDCName -OrgName $OrgName -Name $NewSDDCName
+ #>
+ Param (
+ [Parameter(Mandatory=$True)]$SDDCName,
+ [Parameter(Mandatory=$True)]$OrgName,
+ [Parameter(Mandatory=$True)]$Name
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ $sddc = Get-VMCSDDC -Org $OrgName -Name $SDDCName
+ if($sddc) {
+ $sddcService = Get-VmcService com.vmware.vmc.orgs.sddcs
+ $renameSpec = $sddcService.help.patch.sddc_patch_request.Create()
+ $renameSpec.name = $Name
+
+ Write-Host "`nRenaming SDDC `'$SDDCName`' to `'$Name`' ...`n"
+ $results = $sddcService.patch($sddc.org_id,$sddc.id,$renameSpec)
+ }
+ }
+}
+
+Function New-VMCPublicIP {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 09/12/2018
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Request a new public IP Address for a given SDDC
+ .DESCRIPTION
+ This cmdlet requests a new public IP Address for a given SDDC
+ .EXAMPLE
+ New-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -Description "Test for Randy"
+#>
+ Param (
+ [Parameter(Mandatory=$True)]$OrgName,
+ [Parameter(Mandatory=$True)]$SDDCName,
+ [Parameter(Mandatory=$False)]$Description
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to
connect" } Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
+
+ $publicIPSpec = $publicIPService.Help.create.spec.Create()
+ $publicIPSpec.count = 1
+ $publicIPSpec.names = @($Description)
+
+ Write-Host "Requesting a new public IP Address for your SDDC ..."
+ $results = $publicIPService.create($orgId,$sddcId,$publicIPSpec)
+ }
+}
+
+Function Remove-VMCPublicIP {
+<#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 09/12/2018
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Removes a specific public IP Addresses for a given SDDC
+ .DESCRIPTION
+ This cmdlet removes a specific public IP Address for a given SDDC
+ .EXAMPLE
+ Remove-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -AllocationId "eipalloc-0567acf34e436c01f"
+#>
+ Param (
+ [Parameter(Mandatory=$True)]$OrgName,
+ [Parameter(Mandatory=$True)]$SDDCName,
+ [Parameter(Mandatory=$True)]$AllocationId
+ )
+
+ If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips"
+
+ Write-Host "Deleting public IP Address with ID $AllocationId ..."
+ $results = $publicIPService.delete($orgId,$sddcId,$AllocationId)
+ }
+}
+
+Function Get-VMCEdge {
+<#
+.NOTES
+===========================================================================
+Created by: Luc Dekens
+Date: 23/10/2018
+Organization: Community
+Blog: http://lucd.info
+Twitter: @LucD22
+===========================================================================
+
+.SYNOPSIS
+ Returns all the VMC Edges
+.DESCRIPTION
+ Returns all the VMC Edges
+.EXAMPLE
+ Get-VMCEdge -OrgName $orgName -SddcName $SDDCName -EdgeType gatewayServices
+#>
+ Param (
+ [Parameter(Mandatory=$True)]
+ [string]$OrgName,
+ [Parameter(Mandatory=$True)]
+ [string]$SDDCName,
+ [ValidateSet('gatewayServices','distributedRouter')]
+ [string]$EdgeType = ''
+ )
+
+ If (-Not $global:DefaultVMCServers) {
+ Write-error "No VMC Connection found, please use the Connect-VMC to connect"
+ }
+ Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+
+ $edgeService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges'
+ $index = [long]0
+ $edges = do{
+ $edgeData = $edgeService.get($orgId,$sddcId,$EdgeType,'',$index)
+ $edgeData.edge_page.data | Sort-Object -Property id
+ $index = $index + $edgeData.edge_page.paging_info.page_size
+ }
+ until($index -ge $edgeData.paging_info.total_count)
+ $edges | %{
+ [pscustomobject]@{
+ Name = $_.Name
+ Id = $_.id
+ Type = $_.edge_type
+ State = $_.state
+ Status = $_.edge_status
+ VNics = $_.number_of_connected_vnics
+ TenantId = $_.tenant_id
+ }
+ }
+ }
+}
+
+Function Get-VMCEdgeStatus {
+<#
+.NOTES
+===========================================================================
+Created by: Luc Dekens
+Date: 23/10/2018
+Organization: Community
+Blog: http://lucd.info
+Twitter: @LucD22
+===========================================================================
+
+.SYNOPSIS
+ Returns the status of the gateway
+.DESCRIPTION
+ Retrieve the status of the specified management or compute gateway (NSX
Edge).
+.EXAMPLE
+ Get-VMCEdgeStatus -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
+#>
+ Param (
+ [Parameter(Mandatory=$True)]
+ [string]$OrgName,
+ [Parameter(Mandatory=$True)]
+ [string]$SDDCName,
+ [Parameter(Mandatory=$True)]
+ [string]$EdgeName
+ )
+
+ If (-Not $global:DefaultVMCServers) {
+ Write-error "No VMC Connection found, please use the Connect-VMC to connect"
+ }
+ Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+ $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
+
+ $statusService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.status'
+ $status = $statusService.get($orgId,$sddcId,$edgeId)
+
+ $vmStatus = $status.edge_vm_status | %{
+ [pscustomobject]@{
+ Name = $_.name
+ State = $_.edge_VM_status
+ HAState = $_.ha_state
+ Index = $_.index
+ }
+ }
+ $featureStatus = $status.feature_statuses | %{
+ [pscustomobject]@{
+ Service = $_.service
+ Status = $_.status
+ }
+ }
+ [pscustomobject]@{
+ Time = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($status.timestamp/1000))
+ Status = $status.edge_status
+ PublishStatus = $status.publish_status
+ SystemStatus = $_.system_status
+ NicInUse = $status.ha_vnic_in_use
+ }
+ }
+}
+
+Function Get-VMCEdgeNic {
+<#
+.NOTES
+===========================================================================
+Created by: Luc Dekens
+Date: 23/10/2018
+Organization: Community
+Blog: http://lucd.info
+Twitter: @LucD22
+===========================================================================
+
+.SYNOPSIS
+ Returns all interfaces for the gateway
+.DESCRIPTION
+ Retrieve all interfaces for the specified management or compute gateway (NSX Edge).
+.EXAMPLE
+ Get-VMCEdgeNic -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
+#>
+ Param (
+ [Parameter(Mandatory=$True)]
+ [string]$OrgName,
+ [Parameter(Mandatory=$True)]
+ [string]$SDDCName,
+ [Parameter(Mandatory=$True)]
+ [string]$EdgeName
+ )
+
+ If (-Not $global:DefaultVMCServers) {
+ Write-error "No VMC Connection found, please use the Connect-VMC to connect"
+ }
+ Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+ $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
+
+ $vnicService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.vnics'
+ $vnicService.get($orgId,$sddcId,$edgeId) | select -ExpandProperty vnics | %{
+ [pscustomobject]@{
+ Label = $_.label
+ Name = $_.Name
+ Type = $_.type
+ Index = $_.index
+ IsConnected = $_.is_connected
+ Portgroup = $_.portgroup_name
+ }
+ }
+ }
+}
+
+Function Get-VMCEdgeNicStat {
+<#
+.NOTES
+===========================================================================
+Created by: Luc Dekens
+Date: 23/10/2018
+Organization: Community
+Blog: http://lucd.info
+Twitter: @LucD22
+===========================================================================
+
+.SYNOPSIS
+ Returns statistics for the gateway interfaces
+.DESCRIPTION
+ Retrieve interface statistics for a management or compute gateway (NSX Edge).
+.EXAMPLE
+ Get-VMCEdgeNicStat -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
+#>
+ [CmdletBinding(DefaultParameterSetName='Default')]
+ Param (
+ [Parameter(Mandatory=$True)]
+ [string]$OrgName,
+ [Parameter(Mandatory=$True)]
+ [string]$SDDCName,
+ [Parameter(Mandatory=$True)]
+ [string]$EdgeName
+# [DateTime]$Start,
+# [DateTime]$Finish
+ )
+
+ If (-Not $global:DefaultVMCServers) {
+ Write-error "No VMC Connection found, please use the Connect-VMC to connect"
+ }
+ Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+ $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
+
+# $epoch = Get-Date 01/01/1970
+#
+# if($start){
+# $startEpoch = (New-TimeSpan -Start $epoch -End $Start.ToUniversalTime()).TotalMilliseconds
+# }
+# if($Finish){
+# $finishEpoch = (New-TimeSpan -Start $epoch -End $Finish.ToUniversalTime()).TotalMilliseconds
+# }
+
+ $vnicStatService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.statistics.interfaces'
+# $stats = $vnicStatService.get($orgId,$sddcId,$edgeId,[long]$startEpoch,[long]$finishEpoch)
+ $stats = $vnicStatService.get($orgId,$sddcId,$edgeId)
+
+ $stats.data_dto | Get-Member -MemberType NoteProperty | where{$_.Name -ne 'Help'} | %{$_.Name} | %{
+ $stats.data_dto."$_" | %{
+ [pscustomobject]@{
+ vNIC = $_.vnic
+ Timestamp = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($_.timestamp))
+ In = $_.in
+ Out = $_.out
+ Unit = 'Kbps'
+ Interval = $stats.meta_dto.interval
+ }
+ }
+ }
+ }
+}
+
+Function Get-VMCEdgeUplinkStat {
+<#
+.NOTES
+===========================================================================
+Created by: Luc Dekens
+Date: 23/10/2018
+Organization: Community
+Blog: http://lucd.info
+Twitter: @LucD22
+===========================================================================
+
+.SYNOPSIS
+ Returns statistics for the uplink interfaces
+.DESCRIPTION
+
Retrieve uplink interface statistics for a management or compute gateway (NSX Edge).
+.EXAMPLE
+ Get-VMCEdgeUplinkStat -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName
+#>
+ Param (
+ [Parameter(Mandatory=$True)]
+ [string]$OrgName,
+ [Parameter(Mandatory=$True)]
+ [string]$SDDCName,
+ [Parameter(Mandatory=$True)]
+ [string]$EdgeName
+# [DateTime]$Start,
+# [DateTime]$Finish
+ )
+
+ If (-Not $global:DefaultVMCServers) {
+ Write-error "No VMC Connection found, please use the Connect-VMC to connect"
+ }
+ Else {
+ $orgId = (Get-VMCOrg -Name $OrgName).Id
+ $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id
+ $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id
+
+# $epoch = Get-Date 01/01/1970
+#
+# if($start){
+# $startEpoch = (New-TimeSpan -Start $epoch -End $Start.ToUniversalTime()).TotalMilliseconds
+# }
+# if($Finish){
+# $finishEpoch = (New-TimeSpan -Start $epoch -End $Finish.ToUniversalTime()).TotalMilliseconds
+# }
+
+ $uplinkStatService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.statistics.interfaces.uplink'
+# $stats = $uplinkStatService.get($orgId,$sddcId,$edgeId,[long]$startEpoch,[long]$finishEpoch)
+ $stats = $uplinkStatService.get($orgId,$sddcId,$edgeId)
+
+ $stats.data_dto | Get-Member -MemberType NoteProperty | where{$_.Name -ne 'Help'} | %{$_.Name} | %{
+ if($stats.data_dto."$_".Count -ne 0){
+ $stats.data_dto."$_" | %{
+ [pscustomobject]@{
+ vNIC = $_.vnic
+ Timestamp = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($_.timestamp))
+ In = $_.in
+ Out = $_.out
+ Unit = 'Kbps'
+ Interval = $stats.meta_dto.interval
+ }
+ }
+ }
+ }
+ }
+}
+
+Export-ModuleMember -Function 'Get-VMCCommand', 'Connect-VMCVIServer', 'Get-VMCOrg', 'Get-VMCSDDC',
+ 'Get-VMCTask', 'Get-VMCSDDCDefaultCredential', 'Get-VMCSDDCPublicIP', 'Get-VMCVMHost',
+ 'Get-VMCSDDCVersion', 'Get-VMCFirewallRule', 'Export-VMCFirewallRule', 'Import-VMCFirewallRule',
+
'Remove-VMCFirewallRule', 'Get-VMCLogicalNetwork', 'Remove-VMCLogicalNetwork', 'New-VMCLogicalNetwork',
+ 'Get-VMCSDDCSummary', 'Get-VMCPublicIP', 'New-VMCPublicIP', 'Remove-VMCPublicIP', 'Set-VMCSDDC',
+ 'Get-VMCEdge', 'Get-VMCEdgeNic', 'Get-VMCEdgeStatus', 'Get-VMCEdgeNicStat', 'Get-VMCEdgeUplinkStat'
+
diff --git a/Modules/vCenterCEIP/vCenterCEIP.psm1 b/Modules/vCenterCEIP/vCenterCEIP.psm1
new file mode 100755
index 0000000..3d5e903
--- /dev/null
+++ b/Modules/vCenterCEIP/vCenterCEIP.psm1
@@ -0,0 +1,74 @@
+Function Get-VCenterCEIP {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 01/23/2019
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Retrieves the the Customer Experience Improvement Program (CEIP) setting for vCenter Server
+ .DESCRIPTION
+ This cmdlet retrieves the the CEIP setting for vCenter Server
+ .EXAMPLE
+ Get-VCenterCEIP
+ #>
+ If (-Not $global:DefaultVIServer.IsConnected) { Write-error "No valid VC Connection found, please use the Connect-VIServer to connect"; break } Else {
+ $ceipSettings = (Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData).Value.toString() | ConvertFrom-Json
+ $ceipEnabled = $ceipSettings.consentConfigurations[0].consentAccepted
+
+ $tmp = [pscustomobject] @{
+ VCENTER = $global:DefaultVIServer.Name;
+ CEIP = $ceipEnabled;
+ }
+ $tmp
+ }
+}
+Function Set-VCenterCEIP {
+ <#
+ .NOTES
+ ===========================================================================
+ Created by: William Lam
+ Date: 01/23/2019
+ Organization: VMware
+ Blog: http://www.virtuallyghetto.com
+ Twitter: @lamw
+ ===========================================================================
+
+ .SYNOPSIS
+ Enables or Disables the Customer Experience Improvement Program (CEIP) setting for vCenter Server
+ .DESCRIPTION
+ This cmdlet enables or disables the CEIP setting for vCenter Server
+ .EXAMPLE
+ Set-VCenterCEIP -Enabled
+ .EXAMPLE
+ Set-VCenterCEIP -Disabled
+ #>
+ Param (
+ [Switch]$Enabled,
+ [Switch]$Disabled
+ )
+ If (-Not $global:DefaultVIServer.IsConnected) { Write-error "No valid VC Connection found, please use the Connect-VIServer to connect"; break } Else {
+ $ceipSettings = (Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData).Value.toString() | ConvertFrom-Json
+ If($Enabled) {
+ $originalVersion = $ceipSettings.version
+ $ceipSettings.version = [int]$originalVersion + 1
+ $ceipSettings.consentConfigurations[0].consentAccepted = $True
+ $ceipSettings.consentConfigurations[1].consentAccepted = $True
+ $updatedceipSettings = $ceipSettings | ConvertTo-Json
+ Write-Host "Enabling Customer Experience Improvement Program (CEIP) ..."
+ Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData | Set-AdvancedSetting -Value $updatedceipSettings -Confirm:$false
+ } else {
+ $originalVersion = $ceipSettings.version
+ $ceipSettings.version = [int]$originalVersion + 1
+ $ceipSettings.consentConfigurations[0].consentAccepted = $False
+ $ceipSettings.consentConfigurations[1].consentAccepted = $False
+ $updatedceipSettings = $ceipSettings | ConvertTo-Json
+ Write-Host "Disablng Customer Experience Improvement Program (CEIP) ..."
+ Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData | Set-AdvancedSetting -Value $updatedceipSettings -Confirm:$false
+ }
+ }
+}
diff --git a/Scripts/Set-NetworkAdapterOpaqueNetwork.ps1 b/Scripts/Set-NetworkAdapterOpaqueNetwork.ps1
new file mode 100644
index 0000000..1310734
--- /dev/null
+++ b/Scripts/Set-NetworkAdapterOpaqueNetwork.ps1
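Review bot: Set-VCenterCEIP treats a call with neither switch as a request to disable: `-Enabled` and `-Disabled` are independent optional switches, so any call without `-Enabled` falls into the `else` branch, and a call with both switches enables. Because the write goes through `Set-AdvancedSetting ... -Confirm:$false`, the consent setting changes without a prompt, so the ambiguous cases should be rejected before anything is written, e.g. `If ([bool]$Enabled -eq [bool]$Disabled) { Write-Error "Specify exactly one of -Enabled or -Disabled"; return }`. The `break` in the connection check of both functions sits outside any loop and can terminate the calling script rather than only the function; `return` is the safer exit. The "Disablng" message in the else branch is misspelled.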
@@ -0,0 +1,50 @@
+function Set-NetworkAdapterOpaqueNetwork {
+param(
+ [Parameter(Mandatory = $true, ValueFromPipeline = $true, Position = 1)]
+ [VMware.VimAutomation.Types.NetworkAdapter]
+ $NetworkAdapter,
+
+ [Parameter(Mandatory = $true, Position = 2)]
+ [string]
+ $OpaqueNetworkName,
+
+ [Parameter()]
+ [switch]
+ $Connected,
+
+ [Parameter()]
+ [switch]
+ $StartConnected
+)
+process {
+ $opaqueNetwork = Get-View -ViewType OpaqueNetwork | ? {$_.Name -eq $OpaqueNetworkName}
+ if (-not $opaqueNetwork) {
+ throw "'$OpaqueNetworkName' network not found."
+ }
+
+ $opaqueNetworkBacking = New-Object VMware.Vim.VirtualEthernetCardOpaqueNetworkBackingInfo
+ $opaqueNetworkBacking.OpaqueNetworkId = $opaqueNetwork.Summary.OpaqueNetworkId
+ $opaqueNetworkBacking.OpaqueNetworkType = $opaqueNetwork.Summary.OpaqueNetworkType
+
+ $device = $NetworkAdapter.ExtensionData
+ $device.Backing = $opaqueNetworkBacking
+
+ if ($StartConnected) {
+ $device.Connectable.StartConnected = $true
+ }
+
+ if ($Connected) {
+ $device.Connectable.Connected = $true
+ }
+
+ $spec = New-Object VMware.Vim.VirtualDeviceConfigSpec
+ $spec.Operation = [VMware.Vim.VirtualDeviceConfigSpecOperation]::edit
+ $spec.Device = $device
+ $configSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
+ $configSpec.DeviceChange = @($spec)
+ $NetworkAdapter.Parent.ExtensionData.ReconfigVM($configSpec)
+
+ # Output
+ Get-NetworkAdapter -Id $NetworkAdapter.Id
+ }
+}
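Review bot: The name lookup in the `process` block accepts more than one match: the result of `Get-View -ViewType OpaqueNetwork | ? {$_.Name -eq $OpaqueNetworkName}` is only tested for emptiness, so if two opaque networks share the name, `$opaqueNetwork.Summary.OpaqueNetworkId` becomes a collection and the adapter may be reconfigured onto a backing the caller did not intend. Since this function moves a VM's NIC between network segments, it should fail closed on ambiguity, e.g. `if (@($opaqueNetwork).Count -ne 1) { throw "'$OpaqueNetworkName' matched $(@($opaqueNetwork).Count) networks." }` in place of the current check. Separately, `-Connected` and `-StartConnected` only ever set their flags to `$true`, so `-Connected:$false` leaves the existing state untouched; a comment saying so, or an explicit assignment when the parameter is bound, would avoid a false sense that the adapter was disconnected.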