Not a moment too soon into 2021 and vRA Cloud has been updated with some essential functionality, the ability to secure values being used within ABX scripts.
To date, this omission has made ABX an insecure feature, unless an on-premise installation of vRA 8.x was in place and the ‘Lifecycle Manager Locker’ could be used to hold credentials.
In this short post I will show you how to create credentials and call them from within an action.
Creating secure values
Within Extensibility > Actions, there is now a new box named ‘Manage Action Secrets.
Clicking this box will take you to the Action Secrets Page;
Click ‘New Action Secret’ and enter the relevant details, noting that the name given will be needed to call the credential set within your action(s).
Using secrets in Actions
Within a new action, you can see that a new tickbox has been added to the interface, aptly named ‘Secret’.
Clicking this box provides a dropdown with a list of all the secrets configured in the system. In this example I have chosen my supersecretpassword from the dropdown.
Now this input is available for use within your scripts. At this stage I was hoping the password was encrypted and as such, this would not return my plain text password of ‘I_am_the_password’
…and fortunately the returned secret is encrypted rather than my plaintext password.
To decrypt credentials for use within scripts simply run…
cred_to_use = context.getSecret(inputs["supersecretpassword"])
This is really simple to use but really has enhanced the cloud offering of vRA.