In this recipe, we will explore the full spectrum of the Orchestrator/vRA integration. You will learn how to create custom resources and actions and how to integrate and use them.
In order to add an Orchestrator workflow as a vRA Catalog item, you should have the following vRA items configured:
- Entitlements
- Services
- Business groups
To configure these items, please refer to the link shown in the introduction of this chapter or take a look at the official VMware documentation for vRA.
The Design tab must be activated as shown in the Integrating Orchestrator workflows as XaaS Blueprints recipe in this chapter.
You also have to add the AD endpoint as shown in the Adding an Orchestrator endpoint recipe in this chapter, and the AD endpoint needs to be configured with SSL for this recipe to work.
We have split this recipe into multiple sections. Work though them one after another.
We will first need to create a custom resource, which makes it possible for vRA users to manage their resources:
- Log in to vRA with a user that is a XaaS Architect.
- Navigate to Design | XaaS | Custom Resources and click on New.
- Start typing
AD:Userin the Orchestrator Type field. You will see how the field's selection is reduced. Click on AD:User. This is the Orchestrator variable type we will add to vRA. - Give this resource a name under which it will be shown in vRA, such as AD User, and then click on Next.
- The Details Form shows all attributes of the variable type we just defined. We need to delete the Category name attribute as it can't be used in vRA. Hover the mouse to the right on the Category Name field and click on the red X sign.
- Finish the setup by clicking on Finish.
Next, we will create the service Blueprint to create a new AD user:
- Follow the Integrating Orchestrator workflows as XaaS Blueprints recipe in this chapter to add a service Blueprint with the following changes.
- Use the workflow by navigating to Library | Microsoft | Active Directory | User | Create a user with a password in a group.
- In the Provisioned Resource tab, select the custom resource (AD User) that you have created.
Don't forget to add the Blueprint to the catalog.
We will now create a resource action and bind it to an entitlement:
- Navigate to Design | XaaS | Resource Actions and click on New.
- Select the workflow by navigating to Library | Microsoft | Active Directory | User | Change a user password and click on Next.
- As Resource type, select the custom resource that you created, as Input parameter, select user.
- In the Details screen, you can just accept the default settings by clicking on Next.
- You can now change the form with which a user will interact. Click on Add and finish creating this action.
- Now, publish this action by clicking on Publish.
- Navigate to Administration | Catalog Management | Entitlements.
- Click on your entitlement and edit it.
- Under Items & Approvals in Entitled Actions, add the custom action you have just created. Click on Finish.
We will now start a test run to see what we have achieved and how it works:
- Go to your vRA catalog and request the service Blueprint that you have created.
- Wait a minute until it is finished.
- Click on Items and you will find a new item: the user you have just created.
- Click on the user and select Actions. You will find the custom action you created here:
This example shows how powerful the Orchestrator integration in vRealize Automation has become.
A custom resource is simply an Orchestrator plugin type that you reuse as a resource and that can be managed and worked with using custom actions. Please note that the request and approval mechanism of vRA can also be used to regulate the use of custom actions and Blueprints.
You can leverage any Orchestrator plugin type to manage its life cycle from vRA or you can create your own type using the Orchestrator Dynamic Types.