VMware Validated Solutions VMware Cloud Foundation

VMware Validated Solutions – Feb 2023 Update

Welcome to the February 2023 update for VMware Validate Solutions. Highlights for this update include:

  • Added enhancements to Cloud-Based Intelligent Operations for VMware Cloud Foundation
  • Added enhancements to Cloud-Based Automation for VMware Cloud Foundation

Cloud-Based Intelligent Operations for VMware Cloud Foundation

Detailed Design

Updates to the following design decisions:

Design Decisions on Identity Management

  • CBO-IAM-SEC-003 – Assign vRealize Operations Cloud service roles to designated users. (NEW)

Design Decisions on Password Policies

  • CBO-CDP-SEC-001 – Configure the local user password expiration policy for each Cloud Proxy instance. (NEW)
  • CBO-CDP-SEC-002 – Configure the local user password complexity policy for each Cloud Proxy instance. (NEW)
  • CBO-CDP-SEC-003 – Configure the local user account lockout policy for each Cloud Proxy instance. (NEW)

Implementation

Added PowerShell automation to the following procedures:

  • Assign SDDC Manager Role to a Service Account for VMware Cloud Foundation Integration for Cloud-Based Intelligent Operations (Add-SddcManagerRole)
  • Define a Custom Role in vSphere for vRealize Operations Cloud and VMware Cloud Foundation Integration for Cloud-Based Intelligent Operations (Add-vSphereRole)
  • Assign vCenter Server Role to a Service Account for VMware Cloud Foundation Integration for Cloud-Based Intelligent Operations (Add-vCenterGlobalPermission)
  • Create a Virtual Machine and Template Folder for Cloud Proxy Appliances for Cloud-Based Intelligent Operations (Add-VMFolder)
  • Configure vSphere Anti-Affinity Rules for the Cloud Proxy Appliances for Cloud-Based Intelligent Operations (Add-AntiAffinityRule)
  • Add the Cloud Proxy Appliances to the First Availability Zone VM Group for Cloud-Based Intelligent Operations (Add-VmGroup)

Operational Guidance

Added the following procedures:

  • Personas in Cloud-Based Intelligent Operations for VMware Cloud Foundation
  • Configure the Local User Password Expiration Policy of the Cloud Proxy Appliance for Cloud-Based Intelligent Operations
  • Configure the Local User Password Complexity Policy for the Cloud Proxy Appliance for Cloud-Based Intelligent Operations
  • Configure the Local User Account Lockout Policy for the Cloud Proxy Appliance for Cloud-Based Intelligent Operations
  • Dashboard Management for Cloud-Based Intelligent Operations for VMware Cloud Foundation

Cloud-Based Automation for VMware Cloud Foundation

Detailed Design

Updates to the following design decisions:

Design Decisions on Password Policies

  • CBA-CDP-SEC-001 – Configure the local user password expiration policy for each Cloud Proxy instance. (NEW)
  • CBA-CDP-SEC-002 – Configure the local user password complexity policy for each Cloud Proxy instance. (NEW)
  • CBA-CDP-SEC-003 – Configure the local user account lockout policy for each Cloud Proxy instance. (NEW)
  • CBA-CEP-SEC-001 – Configure the local user password expiration policy for each Cloud Extensibility Proxy instance. (NEW)
  • CBA-CEP-SEC-002 – Configure the local user password complexity policy for each Cloud Extensibility Proxy instance. (NEW)
  • CBA-CEP-SEC-003 – Configure the local user account lockout policy for each Cloud Extensibility Proxy instance. (NEW)

Operational Guidance

Added the following procedures:

  • Personas in Cloud-Based Automation for VMware Cloud Foundation.
  • Configure the Local User Password Expiration Policy of the Cloud Proxy and Cloud Extensibility Proxy Appliances for Cloud-Based Automation
  • Configure the Local User Password Complexity Policy for the Cloud Proxy and Cloud Extensibility Proxy Appliances for Cloud-Based Automation
  • Configure the Local User Account Lockout Policy for the Cloud Proxy and Cloud Extensibility Proxy Appliances for Cloud-Based Automation

General Availability of PowerValidatedSolutions v2.0.1

Release of PowerValidatedSolutions v2.0.1, which is a PowerShell module that we have developed to not only accelerate the implementation of Validated Solutions, but ensure consistency and robustness. Here’s a list of what’s changed (this and previous updates can be tracked by reading the CHANGELOG.md file stored in the Git Hub repository):

  • Added Convert-CssClassStyle cmdlet to modify the CSS Style in the HTML output.
  • Fixed Publish-* cmdlets to use Convert-CssClassStyle rather than Convert-CssClass which is part of VMware Cloud Foundation reporting module.
  • Added cbl-vsphere-integration.role role file to support adding the vRealize Log Insight Cloud to vSphere Integration role in vCenter Server.
  • Added cbo-vsphere-integration.role role file to support adding the vRealize Operations Cloud to vSphere Integration role in vCenter Server.

__________________________________________________________________________

Gary Blake

Senior Staff Solutions Architect. Focused on Solution Engineering for VMware Cloud Foundation and technical lead for VMware Validated Solutions within the VCF Division at VMware by Broadcom. Follow Gary on…

Related Articles