diff --git a/Tenant_onboarding/Tenant Onboarding with AD.json b/Tenant_onboarding/Tenant Onboarding with AD.json index 4ebb84e..3167f63 100644 --- a/Tenant_onboarding/Tenant Onboarding with AD.json +++ b/Tenant_onboarding/Tenant Onboarding with AD.json @@ -1 +1 @@ -{"status":{},"contains_secrets":true,"product_version":"3.6.2","spec":{"description":"","resources":{"endpoints_information":[],"endpoint_definition_list":[],"client_attrs":{},"credential_definition_list":[],"runbook":{"task_definition_list":[{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[{"kind":"app_task","name":"Precheck Validation"},{"kind":"app_task","name":"Generate Tenant UID"},{"kind":"app_task","name":"Configure AD"},{"kind":"app_task","name":"Create Categories"},{"kind":"app_task","name":"Create External Subnet"},{"kind":"app_task","name":"Create VPC"},{"kind":"app_task","name":"Create Overlay Subnet"},{"kind":"app_task","name":"Create Project"},{"kind":"app_task","name":"Create Tunnel for VPC"},{"kind":"app_task","name":"Set Quota"},{"kind":"app_task","name":"Create Environment"},{"kind":"app_task","name":"Update Project"},{"kind":"app_task","name":"Create Protection Policy"}],"name":"8ee0af0e_dag","attrs":{"edges":[{"from_task_reference":{"kind":"app_task","name":"Precheck Validation"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Generate Tenant UID"}},{"from_task_reference":{"kind":"app_task","name":"Create External Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Categories"}},{"from_task_reference":{"kind":"app_task","name":"Create Environment"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Update Project"}},{"from_task_reference":{"kind":"app_task","name":"Set Quota"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Environment"}},{"from_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Set Quota"}},{"from_task_reference":{"kind":"app_task","name":"Configure AD"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create External Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Configure AD"}},{"from_task_reference":{"kind":"app_task","name":"Create Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Project"}},{"from_task_reference":{"kind":"app_task","name":"Update Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Protection Policy"}}],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Precheck Validation","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\nmgmt_pc_username = \"@@{prism_central_username}@@\".strip()\nmgmt_pc_password = \"@@{management_pc_password}@@\".strip()\nskip_delete = False\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_cluster_details(cluster_name):\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n print(\"cluster_uuid={}\".format(_cluster['metadata']['uuid']))\n return str(_cluster['metadata']['uuid'])\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name, cluster_uuid): \n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_subnet_uuid(subnet, delete=False):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\", \"filter\":\"name==%s\"%subnet},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(subnet, PC_IP))\n skip_delete = True\n if not delete:\n exit(1)\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one subnets with name - %s on - %s\"%(subnet, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching subnet details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef get_subnet_details(_uuid):\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/%s\"%_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching project subnet details.\")\n print(data.json().get('message_list',\\\n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"project_subnet_address={}\".format(data.json()['spec']\\\n ['resources']['ip_config']['pool_list'][0]['range'].split( )[-1]))\n \ndef _get_vpc_uuid(vpc_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/vpcs\/list\")\n data = requests.post(url, json={\"kind\":\"vpc\", \"filter\":\"name==%s\"%vpc_name},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(vpc_name, PC_IP))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one VPC's with name - %s on - %s\"%(vpc_name, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching VPC details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_project_uuid(project_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/projects\/list\", host = \"localhost\")\n data = requests.post(url, json={\"kind\":\"project\", \"filter\":\"name==%s\"%project_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(project_name, \"Management PC\"))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one projects with name - %s on - %s\"%(project_name, \"Management PC\"))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching project details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_tunnel_uuid(tunnel_name):\n global skip_delete\n tunnel_state = [\"CONNECTING\",\"NOT_VALIDATED\" ]\n url = _build_url(scheme=\"https\",resource_type=\"\/tunnels\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"tunnel\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one tunnel with name - %s\"%(tunnel_name))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n elif data.json()['entities'][0]['status']['state'] in tunnel_state:\n print(\"tunnel is in NOT_VALIDATED,Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n tunnel_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return tunnel_uuid\n else:\n print(\"Error while fetching tunnel details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_network_group_uuid(tunnel_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/network_groups\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"network_group\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n else:\n skip_delete = False\n group_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return group_uuid\n else:\n print(\"Error while fetching network group details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef delete_project_environment(project_name):\n print(\"Fetching project environments information...\")\n project_name = project_name.strip()\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/list\")\n data = requests.post(url, json={\"kind\":\"environment\"},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n uuid_list = []\n if data.ok:\n if data.json()[\"metadata\"] > 0:\n for _env in data.json()[\"entities\"]:\n if \"project_reference\" in _env[\"metadata\"].keys():\n if _env[\"metadata\"][\"project_reference\"][\"name\"] == project_name:\n uuid_list.append(_env[\"metadata\"][\"uuid\"])\n else:\n print(\"Info : No environment found on localhost\")\n else:\n print(\"Failed to fetch environment details.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n for _uuid in uuid_list:\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/%s\"%_uuid)\n data = requests.delete(url,auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if \"Environment with uuid %s deleted\"%_uuid not in data.json()[\"description\"]:\n print(\"Failed to project environment.\",data.json())\n exit(1)\n else:\n print(\"Error while deleting project environment.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n if uuid_list != []:\n print(\"%s Project environment with %s uuid's deleted successfully.\"%(project_name, uuid_list))\n\ndef wait_for_completion(data):\n if data.ok:\n state = data.json().get('status', None).get('state', None)\n while state == \"DELETE_PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json().get('status', None) in ['DELETE_PENDING']:\n state = 'DELETE_PENDING'\n sleep(5) \n elif responce.json().get('status', None) == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\" \n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_ip(IP):\n ip_list = IP.split(\".\")\n gatewat_digit = int(ip_list[-1]) + 1\n start_digit = gatewat_digit + 1\n end_digit = start_digit + 50\n gateway_ip = ip_list[:3]\n gateway_ip.append(str(gatewat_digit))\n gateway_ip = \".\".join(gateway_ip)\n start_ip = ip_list[:3]\n start_ip.append(str(start_digit))\n start_ip = \".\".join(start_ip)\n end_ip = ip_list[:3]\n end_ip.append(str(end_digit))\n end_ip = \".\".join(end_ip)\n return (gateway_ip, start_ip, end_ip)\n \nexternal_subnet_items = {}\nvpc_items = {}\noverlay_subnet_items = {}\nproject_items = {}\nAD_items = {}\naccount_items = {}\ntunnel_items = {}\n\ntenant = \"@@{tenant_name}@@\".strip()\ncluster = \"@@{cluster_name}@@\".strip()\ncluter_uuid = _get_cluster_details(cluster)\nexternal_subnet = \"@@{external_subnet_ip}@@\".strip()\nexternal_subnet_ip, external_subnet_prefix= external_subnet.split(\"\/\")\nexternal_subnet_items['name'] = \"@@{tenant_name}@@_External_Subnet\"\nexternal_subnet_items['cluster'] = cluster\nexternal_subnet_items['enable_nat'] = @@{external_subnet_nat}@@\nexternal_subnet_items['virtual_switch_name'] = \"@@{virtual_switch}@@\".strip()\n_uuid = _get_virtual_switch_uuid(external_subnet_items['virtual_switch_name'], cluter_uuid)\nexternal_subnet_items['gateway_ip'] = \"@@{external_subnet_gateway_ip}@@\".strip()\nexternal_subnet_items['network_ip'] = external_subnet_ip\nexternal_subnet_items['prefix'] = int(external_subnet_prefix)\nIP_POOL = \"@@{external_subnet_ip_pool}@@\".strip().split(\"-\")\nexternal_subnet_items['ip_pools'] = {\"range\":\"%s %s\"%(IP_POOL[0],IP_POOL[1])}\n\nvpc_items['name'] = \"@@{tenant_name}@@_VPC\"\nvpc_items['external_subnet_name'] = external_subnet_items['name']\ntunnel_items['name'] = \"@@{tenant_name}@@_VPC_Tunnel\"\n\noverlay_subnet = \"@@{overlay_subnet_ip}@@\".strip()\noverlay_subnet_ip, overlay_subnet_prefix = overlay_subnet.split(\"\/\")\noverlay_subnet_items['subnet_name'] = \"@@{tenant_name}@@_Overlay_Subnet\"\noverlay_subnet_items['vpc_name'] = vpc_items['name']\noverlay_subnet_items['network_ip'] = overlay_subnet_ip\noverlay_subnet_items['prefix'] = int(overlay_subnet_prefix)\noverlay_subnet_items['gateway_ip'] = \"@@{overlay_subnet_gateway_ip}@@\".strip()\nIP = _get_ip(overlay_subnet_ip)\noverlay_subnet_items['ip_pool'] = [{\"ip_pools_start_ip\":IP[1], \n \"ip_pools_end_ip\":IP[2]}]\nprint(\"project_subnet_address={}\".format(IP[2]))\n\nAD_items['name'] = \"Tenant_{}_AD\".format(tenant)\nAD_items['directory_url'] = \"@@{active_directory_url}@@\".strip()\nAD_items['domain_name'] = \"@@{active_directory_domain}@@\".strip()\nAD_items['directory_type'] = \"ACTIVE_DIRECTORY\"\nAD_items['service_account_username'] = \"@@{active_directory_user}@@\".strip()\nAD_items['service_account_password'] = \"@@{active_directory_password}@@\".strip()\nfor x in ['directory_url', 'domain_name', 'directory_type' , \n 'service_account_username', 'service_account_password']:\n if (AD_items[x] == \"NA\") or (AD_items[x] == \"\"):\n print(\"Input Error :- All Active Directory config parameters are mandatory. \"\\\n \"Even if Active Directory alredy created, Need all AD details to \"\\\n \"whitelist correct active directory for Project.\")\n print(\"AD Parameters :- Active Directory URL, Active Directory Domain Name, \"\\\n \"Active Directory Username, Active Directory Password.\")\n exit(1)\n \nadmin_user = \"@@{project_admin_user}@@\".strip()\nproject_subnet_uuid = \"\"\nproject_items['name'] = \"{}_project\".format(tenant)\nproject_items['tenant_users'] = [{\"admin\": [\"{}\".format(admin_user)]}]\nproject_items['accounts'] = \"@@{account_name}@@\".strip()\nproject_items['allow_collaboration'] = False\n#project_subnet = \"@@{project_subnet_uuid}@@\"\n#get_subnet_details(project_subnet)\n#print(\"project_subnet_uuid={}\".format(project_subnet))\n#project_items['subnets'] = [\"{}\".format(project_subnet)]\nproject_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\naccount_items['cluster'] = cluster\naccount_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\nprint(\"external_subnet_items={}\".format(external_subnet_items))\nprint(\"vpc_items={}\".format(vpc_items))\nprint(\"overlay_subnet_items={}\".format(overlay_subnet_items))\nprint(\"project_items={}\".format(project_items))\nprint(\"AD_items={}\".format(AD_items))\nprint(\"account_items={}\".format(account_items))\nprint(\"Tunnel_items={}\".format(tunnel_items))\n\ndef _delete(type, uuid, **params):\n if(params.get(\"host\",None)):\n host = params['host']\n else:\n host = PC_IP\n url = _build_url(scheme=\"https\",host=host,resource_type=\"\/%s\/%s\"%(type,uuid))\n if(params.get(\"username\",None)):\n user_name = params['username']\n else:\n user_name = pc_username\n\n if(params.get(\"password\",None)):\n pass_word = params['password']\n else:\n pass_word = pc_password\n \n data = requests.delete(url, auth=HTTPBasicAuth(user_name, pass_word),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Failed to delete existing %s with uuid %s.\"%(type, uuid))\n print(\"Error :- \",data.json())\n exit(1)\n else:\n wait_for_completion(data)\n \nif \"@@{delete_existing}@@\".lower() == \"yes\":\n _group_uuid = _get_network_group_uuid(tunnel_name=tunnel_items['name'])\n _tunnel_uuid = _get_tunnel_uuid(tunnel_name=tunnel_items['name'])\n if skip_delete == False:\n _delete(type=\"network_groups\/{}\/tunnels\".format(_group_uuid),uuid=_tunnel_uuid, username=mgmt_pc_username, password=mgmt_pc_password, host = \"localhost\")\n sleep(5)\n\n _uuid = _get_project_uuid(project_items['name'])\n\n if skip_delete == False:\n delete_project_environment(project_items['name'])\n _delete(type=\"projects\", uuid=_uuid, username=mgmt_pc_username, password=mgmt_pc_password, host = \"localhost\")\n \n _uuid = _get_subnet_uuid(subnet=overlay_subnet_items['subnet_name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_vpc_uuid(vpc_items['name'])\n if skip_delete == False:\n _delete(type=\"vpcs\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_subnet_uuid(subnet=external_subnet_items['name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)","eval_variables":["external_subnet_items","vpc_items","overlay_subnet_items","project_items","AD_items","account_items","cluster_uuid","project_subnet_uuid","project_subnet_address"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Generate Tenant UID","attrs":{"exit_status":[],"script":"uid = uuid.uuid4()\nprint(\"UID={}\".format({\"tenant_uuid\":'%s'%uid}))\n","eval_variables":["UID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Configure AD","attrs":{"exit_status":[],"script":"import requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username =\"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=\"localhost\", **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\": \"directory_service\"\n },\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"url\": \"\",\n \"domain_name\": \"\",\n \"directory_type\": \"\",\n \"service_account\": {\n \"username\": \"string\",\n \"password\": \"string\"\n }\n }\n }\n })\n\ndef _get_spec_acp():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\" : \"access_control_policy\"\n },\n \"spec\": {\n \"name\": \"string\",\n \"role_reference\": {\"uuid\": \"\"}\n }\n })\n \ndef create_AD(**params):\n payload = _get_default_spec()\n payload['spec']['name'] = params['name']\n payload['spec']['resources']['url'] = params['directory_url']\n payload['spec']['resources']['domain_name'] = params['domain_name']\n payload['spec']['resources']['directory_type'] = params['directory_type']\n payload['spec']['resources']['service_account']['username'] = \\\n params['service_account_username']\n if params.get('group_search_type', 'None') != 'None':\n payload['spec']['resources']['groupSearchType'] = \\\n params.get('group_search_type', 'NON_RECURSIVE')\n payload['spec']['resources']['service_account']['password'] = \\\n params['service_account_password']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/directory_services\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if 'DUPLICATE_ENTITY' in str(data.json()):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/directory_services\/list\")\n data = requests.post(url, json={\"kind\":\"directory_service\"},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n for x in data.json()['entities']:\n if x['status']['resources']['domain_name'] == params['domain_name']:\n print(\"ad_details={}\".format({\"ad_uuid\":x['metadata']['uuid']}))\n else:\n task_uuid = wait_for_completion(data, params['name'])\n print(\"ad_details={}\".format({\"ad_uuid\": data.json()['metadata']['uuid'],\n \"ad_creation_task_uuid\": task_uuid,\n \"name\":params['name']}))\n\ndef wait_for_completion(data, name):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n _url = _build_url(scheme=\"https\",resource_type=\"\/directory_services\/list\")\n _data = requests.post(_url, json={\"kind\":\"directory_service\"},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if name in str(_data.json()):\n state = \"COMPLETE\"\n else:\n state = 'PENDING'\n sleep(5) \n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid']\n\n\nparams = @@{AD_items}@@\nprint(\"##### Configuring Active Directory #####\")\ncreate_AD(**params) ","eval_variables":["ad_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Categories","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\n\ntenant = @@{UID}@@\nCategoryName = \"TenantName\"\nvalue = \"@@{tenant_name}@@\".strip()\ndescription = \"Tenant Onboarding category for %s\"%value\n\nbase_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/categories'.format(PC_IP)\npayload = {\n \"name\": CategoryName,\n \"description\": description,\n# \"capabilities\": {\n# \"cardinality\": 64\n# }\n }\n\napi_url = base_url + '\/' + CategoryName\n\nr = requests.put(api_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif not r.ok:\n print(\"PUT request failed\", r.content)\n exit(1)\n\nbatch_url = \"https:\/\/{}:9440\/api\/nutanix\/v3\/batch\".format(PC_IP)\n\npayload = {\"action_on_failure\":\"CONTINUE\",\n \"execution_order\":\"NON_SEQUENTIAL\",\n \"api_request_list\":[\n {\n \"operation\":\"PUT\",\n \"path_and_params\":\"\/api\/nutanix\/v3\/categories\/{}\/{}\".format(CategoryName, value),\n \"body\":{\n \"value\":value,\n \"description\":description\n }\n }\n ],\n \"api_version\":\"3.0\"}\n\nr = requests.post(batch_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif r.ok:\n print(\"Category created: {}\".format(CategoryName))\n print(\"category_details={}\".format(r.content))\nelse:\n print(\"Failed to create category - %s\"%CategoryName)\n print(r.content)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create External Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_cluster_details(cluster_name):\n cluster_details = {'kind':'cluster'}\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n cluster_details['uuid'] = str(_cluster['metadata']['uuid'])\n return cluster_details\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name):\n cluster = \"@@{cluster_name}@@\".strip()\n _cluster = _get_cluster_details(cluster)\n cluster_uuid = _cluster['uuid']\n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n pools.append(params[\"ip_pools\"])\n ipam_spec[\"pool_list\"] = pools\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef create_external_subnet(**params):\n params['ipam_spec'] = _get_ipam_spec(**params)\n cluster_details = _get_cluster_details(cluster_name=params['cluster_name'])\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"VLAN\"\n payload[\"spec\"][\"resources\"][\"vlan_id\"] = params['vlan_id']\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n payload[\"spec\"][\"cluster_reference\"] = cluster_details\n if params['enable_nat'] == False:\n switch_details = _get_virtual_switch_uuid(params['virtual_switch_name'])\n payload[\"spec\"][\"resources\"][\"virtual_switch_uuid\"] = switch_details\n payload[\"spec\"][\"resources\"][\"is_external\"] = True\n payload[\"spec\"][\"resources\"][\"enable_nat\"] = params['enable_nat']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\")\n while True:\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n if data.ok:\n task_uuid = wait_for_completion(data=data, vlan_id=params['vlan_id'])\n if task_uuid == {}:\n _uuid = data.json()['metadata']['uuid']\n _name = params['name']\n else:\n _uuid = task_uuid[\"uuid\"]\n _name = task_uuid[\"name\"]\n return {\"uuid\": _uuid, \"name\": _name}\n\n elif \"subnet exists with vlan id\" in str(data.json()).lower():\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == params['vlan_id']:\n return {\"uuid\":_subnet['metadata']['uuid'], \"name\":_subnet[\"spec\"][\"name\"]}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%params['vlan_id'])\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Failed to create external subnet ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef wait_for_completion(data, vlan_id=None):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING','QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n if \"subnet exists with vlan id\" in str(responce.json()).lower():\n print(\"Another external subnet exist with sam VLAN ID, fetching details..\")\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == vlan_id:\n return {'uuid':_subnet['metadata']['uuid'],\"name\":_subnet['spec']['name']}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%vlan_id)\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n return {}\n \ndef _get_vlan_id():\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n vlan_id = []\n for x in data.json()['entities']:\n print(x['spec']['resources'])\n vlan_id.append(x['spec']['resources'].get('vlan_id', 0))\n id = 10\n while True:\n if id in vlan_id:\n id+=1\n else:\n break\n return id\n else:\n print(\"Error while fetching subnet list :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\ndef set_params():\n params_dict = @@{external_subnet_items}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n params['enable_nat'] = params_dict.get('enable_nat', False)\n params['cluster_name'] = params_dict.get('cluster', \"None\")\n params['vlan_id'] = @@{external_vlan_id}@@\n params['virtual_switch_name'] = params_dict.get('virtual_switch_name', \"None\")\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict['gateway_ip']\n params['ip_pools'] = params_dict['ip_pools']\n\nparams = {}\nset_params()\nsubnet = create_external_subnet(**params)\nprint(\"external_subnet_details={}\".format(subnet))","eval_variables":["external_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create VPC","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return(\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"vpc\", \"categories\": {}},\n \"spec\": {\n \"name\": None,\n \"resources\": {\n \"external_subnet_list\": []\n },\n },\n })\n\ndef create_vpc(**params):\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n if params.get(\"common_domain_name_server_ip_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"common_domain_name_server_ip_list\"] = \\\n params[\"common_domain_name_server_ip_list\"]\n payload[\"spec\"][\"resources\"][\"external_subnet_list\"] = \\\n params[\"external_subnet_list\"]\n if params.get(\"externally_routable_prefix_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"externally_routable_prefix_list\"] = \\\n params[\"externally_routable_prefix_list\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password ),\n timeout=None, verify=False)\n \n if not data.ok:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n task_uuid = wait_for_completion(data)\n vpc = {\"name\": params['name'], \n \"uuid\":data.json()['metadata']['uuid'],\n \"create_vpc_task_uuid\": task_uuid}\n create_static_route(vpc[\"uuid\"])\n return vpc\n \ndef _get_route_spec(vpc_uuid, subnet_uuid,subnet_name):\n ip_prefix = \"0.0.0.0\/0\"\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n if data.ok:\n responce = data.json()\n del responce[\"status\"]\n for x in [\"last_update_time\",\"creation_time\",\"spec_hash\",\"categories_mapping\",\"owner_reference\",\"categories\"]:\n if x in responce[\"metadata\"].keys():\n del responce[\"metadata\"][x]\n else:\n print(\"Error while fetching VPCs static route details.\")\n exit(1)\n static_route = {\"nexthop\": {\n \"external_subnet_reference\": {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n },\n \"destination\": ip_prefix}\n responce[\"spec\"][\"resources\"][\"static_routes_list\"].append(static_route)\n return responce\n\ndef create_static_route(vpc_uuid):\n subnet = @@{external_subnet_details}@@\n subnet_uuid = subnet[\"uuid\"]\n subnet_name = subnet[\"name\"]\n payload = _get_route_spec(vpc_uuid, subnet_uuid, subnet_name)\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.put(url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid']\n\ndef set_params():\n params = {}\n print(\"##### creating VPC #####\")\n params_dict = @@{vpc_items}@@\n ext_subnet = @@{external_subnet_details}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n if params_dict.get(\"dns_servers\", \"None\") != \"None\":\n params[\"common_domain_name_server_ip_list\"] = [{}]\n params[\"common_domain_name_server_ip_list\"][0]['ip'] = \\\n params_dict.get('dns_servers', 'None')\n params[\"external_subnet_list\"] = [{}]\n if params_dict.get(\"externally_routable_ip\", \"None\") != \"None\":\n params[\"externally_routable_prefix_list\"] = [{}]\n params[\"externally_routable_prefix_list\"][0][\"ip\"] = \\\n params_dict[\"externally_routable_ip\"]\n params[\"externally_routable_prefix_list\"][0][\"prefix_length\"] = \\\n params_dict[\"externally_routable_ip_prefix\"]\n \n if params_dict.get(\"external_subnet_name\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"] = {}\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"kind\"] = \"subnet\"\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"name\"] = \\\n params_dict[\"external_subnet_name\"]\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = ext_subnet[\"uuid\"]\n \n if params_dict.get(\"external_subnet_uuid\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = \\\n params_dict['external_subnet_uuid']\n return params\nparams = set_params()\nvpc_details = create_vpc(**params)\nprint(\"vpc_details={}\".format(vpc_details))","eval_variables":["vpc_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Overlay Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n for ip_pools in params['ip_pool']:\n pools.append({\"range\": \"%s %s\"%(ip_pools['ip_pools_start_ip'], \n ip_pools['ip_pools_end_ip'])}) \n ipam_spec[\"pool_list\"] = pools\n if \"dhcp_options\" in ipam_config:\n dhcp_spec = _get_default_dhcp_spec()\n dhcp_config = ipam_config[\"dhcp_options\"]\n if dhcp_config['domain_name_server_list'] != 'None': \n dhcp_spec[\"domain_name_server_list\"] = dhcp_config[\"domain_name_server_list\"]\n if dhcp_config[\"domain_search_list\"] != 'None':\n dhcp_spec[\"domain_search_list\"] = dhcp_config[\"domain_search_list\"]\n if dhcp_config[\"domain_name\"] != 'None':\n dhcp_spec[\"domain_name\"] = dhcp_config[\"domain_name\"]\n if dhcp_config[\"boot_file_name\"] != 'None':\n dhcp_spec[\"boot_file_name\"] = dhcp_config[\"boot_file_name\"]\n if dhcp_config[\"tftp_server_name\"] != 'None':\n dhcp_spec[\"tftp_server_name\"] = dhcp_config[\"tftp_server_name\"]\n ipam_spec[\"dhcp_options\"] = dhcp_spec\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef _get_default_dhcp_spec():\n return (\n {\n \"domain_name_server_list\": [],\n \"domain_search_list\": [],\n \"domain_name\": \"\",\n \"boot_file_name\": \"\",\n \"tftp_server_name\": \"\",\n }\n )\n\ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid'] \n \ndef create_overlay_subnet():\n params = {}\n print(\"##### Creating Overlay Subnets #####\")\n params_dict = @@{overlay_subnet_items}@@\n params['vpc_name'] = params_dict.get('vpc_name', 'None')\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict.get('gateway_ip', 'None')\n params['ip_pool'] = params_dict['ip_pool']\n params['dhcp'] = params_dict.get('dhcp', 'None')\n params['ipam']['dhcp_options'] = {}\n params['ipam']['dhcp_options']['domain_name_server_list'] = params_dict.get('dns_servers', 'None')\n params['ipam']['dhcp_options']['domain_search_list'] = params_dict.get('domain_search', 'None')\n params['ipam']['dhcp_options']['domain_name'] = params_dict.get('domain_name', 'None')\n params['ipam']['dhcp_options']['boot_file_name'] = params_dict.get('boot_file', \"None\")\n params['ipam']['dhcp_options']['tftp_server_name'] = params_dict.get('tftp_server', \"None\")\n \n payload = _get_default_spec()\n if params_dict.get('vpc_name', 'None') != 'None':\n vpc_details = @@{vpc_details}@@\n params['vpc_reference'] = {\"kind\": \"vpc\", \"uuid\": vpc_details[\"uuid\"]}\n payload[\"spec\"][\"resources\"][\"vpc_reference\"] = params['vpc_reference']\n payload[\"spec\"]['name'] = params_dict['subnet_name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"OVERLAY\"\n \n if params_dict.get('network_ip', 'None') != 'None':\n params['ipam_spec'] = _get_ipam_spec(**params)\n print(\"Overlay Subnet IP range - %s\"%params['ip_pool'])\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n\n\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n task_uuid = wait_for_completion(data)\n details = {\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params_dict['subnet_name'],\n \"create_subnet_task_uuid\": task_uuid}\n print(\"overlay_subnet_details={}\".format(details))\ncreate_overlay_subnet()","eval_variables":["overlay_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Project","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nROLE_ADMIN = \"Project Admin\"\nROLE_OPERATOR = \"Operator\"\nROLE_DEVELOPER = \"Developer\"\nROLE_CONSUMER = \"Consumer\"\nROOT_OU = 'tenants'\n\nPC_IP = \"localhost\"\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef get_role_uuid(role_name):\n api_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/roles\/list'.format(PC_IP)\n payload = {\n 'filter': 'name=={}'.format(role_name),\n 'kind': 'role',\n 'offset': 0\n }\n r = requests.post(api_url, json=payload, \n auth=HTTPBasicAuth(management_username, management_password), \n timeout=None, verify=False)\n result = json.loads(r.content)\n if result.get('entities', 'None') != 'None':\n return result['entities'][0]['metadata']['uuid']\n else:\n print(\"Error :- {}\".format(r.content))\n exit(1)\n\ndef get_project_specs(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n return data.json()\n else:\n print(data.json())\n \ndef get_spec(role_uuid,user_uuid,user_name,idp_uuid,account_uuid,subnet_uuid,vpc_uuid,project_name,project_uuid,subnet_name):\n project_specs = get_project_specs(project_uuid)\n collection = \"ALL\"\n if \"@@{allow_collaboration}@@\".lower() == \"false\":\n collection = \"SELF_OWNED\"\n external_network = []\n subnet_reference = []\n if \"@@{account_name}@@\".strip() == \"NTNX_LOCAL_AZ\":\n subnet_reference = [\n {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n else:\n external_network = [\n {\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n \n return ({\n \"spec\": {\n \"access_control_policy_list\": [\n {\n \"acp\": {\n \"name\": \"Admin ACP-@@{calm_now}@@\",\n \"resources\": {\n \"role_reference\": {\n \"name\": \"Project Admin\",\n \"uuid\": role_uuid,\n \"kind\": \"role\"\n },\n \"user_group_reference_list\": [],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"filter_list\": {\n \"context_list\": [\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"ALL\"\n },\n \"right_hand_side\": {\n \"collection\": collection\n }\n }\n ]\n },\n {\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"image\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"directory_service\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"role\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n },\n \"left_hand_side\": {\n \"entity_type\": \"project\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user_group\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"app_icon\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"category\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_task\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_variable\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"identity_provider\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"vm_recovery_point\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"cluster\"\n },\n \"right_hand_side\": {\n \"uuid_list\": [\"@@{cluster_uuid}@@\"]\n }\n }\n ]\n },\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"blueprint\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n }\n ]\n }\n ]\n }\n },\n \"description\": \"project admin acp @@{calm_now}@@\"\n },\n \"metadata\": {\n \"kind\": \"access_control_policy\"\n },\n \"operation\": \"ADD\"\n }\n ],\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {\n \"external_network_list\": external_network,\n \"account_reference_list\": [\n {\n \"kind\": \"account\",\n \"uuid\": account_uuid\n }\n ],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"default_subnet_reference\": {\n \"kind\": \"subnet\",\n \"uuid\": subnet_uuid\n },\n \"vpc_reference_list\": [\n {\n \"kind\": \"vpc\",\n \"uuid\": vpc_uuid\n }\n ],\n \"tunnel_reference_list\": [],\n \"external_user_group_reference_list\": [],\n \"subnet_reference_list\": subnet_reference,\n \"resource_domain\": {},\n \"cluster_reference_list\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": \"@@{cluster_uuid}@@\"\n }\n ],\n \"environment_reference_list\": []\n },\n \"description\": \"Tenant Onboarding Project\"\n },\n \"user_list\": [\n {\n \"metadata\": {\n \"kind\": \"user\",\n \"uuid\": user_uuid\n },\n \"user\": {\n \"resources\": {\n \"directory_service_user\": {\n \"user_principal_name\": user_name,\n \"directory_service_reference\": {\n \"uuid\": idp_uuid,\n \"kind\": \"directory_service\"\n }\n }\n }\n },\n \"operation\": \"ADD\"\n }\n ],\n \"user_group_list\": []\n },\n \"api_version\": project_specs[\"api_version\"],\n \"metadata\": {\n \"kind\": \"project\",\n \"uuid\":project_uuid,\n \"spec_version\":project_specs[\"metadata\"][\"spec_version\"]\n }})\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"project\"},\n \"spec\": {\n \"project_detail\" : {\n \"name\": \"\",\n \"resources\": {}\n }\n }\n }\n )\n \ndef _get_user_spec():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\" : \"user\"\n },\n \"spec\": {\n \"resources\": {}\n }\n })\n \ndef get_user_uuid(user, **params):\n payload = _get_user_spec() \n ad = @@{ad_details}@@\n payload['spec']['resources']['directory_service_user'] = {}\n payload['spec']['resources']['directory_service_user']\\\n ['user_principal_name'] = user.strip()\n\n payload['spec']['resources']['directory_service_user']\\\n ['directory_service_reference'] = {}\n payload['spec']['resources']['directory_service_user']\\\n ['directory_service_reference']['kind'] = \"directory_service\"\n payload['spec']['resources']['directory_service_user']\\\n ['directory_service_reference']['uuid'] = ad[\"ad_uuid\"]\n \n url = _build_url(scheme=\"https\",resource_type=\"\/users\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False) \n \n wait_for_completion(data)\n\n if not data.ok:\n if \"DUPLICATE\" in str(data.json()):\n _url = _build_url(scheme=\"https\",resource_type=\"\/users\/list\") \n _data = requests.post(_url, json={\"kind\":\"user\", \"length\":9999},\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False) \n if user in str(_data.json()):\n for new_data in _data.json()['entities']:\n if new_data['status']['name'] == user:\n return new_data['metadata']['uuid']\n else:\n print(\"Error while Fetching user details----> \",data.json())\n exit(1)\n else:\n return data.json()['metadata']['uuid']\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\/salted\")\n payload = {\"name_list\":[user]}\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False) \n if data.ok:\n _uuid = data.json()[\"name_uuid_list\"][0][user]\n print(\"user_uuid----> %s\"%_uuid)\n return _uuid\n else:\n print(\"Error while fetching user details :- \",data.json())\n exit(1)\n \ndef create_empty_project(project_name):\n payload = {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"project\"\n },\n \"spec\": {\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {}\n },\n \"user_list\": [],\n \"user_group_list\": [],\n \"access_control_policy_list\": []\n }\n }\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n \n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n return data.json()[\"metadata\"][\"uuid\"]\n \ndef build_project(**params): \n vpc_details = @@{vpc_details}@@\n admin_role_uuid = get_role_uuid(ROLE_ADMIN)\n operator_role_uuid = get_role_uuid(ROLE_OPERATOR)\n developer_role_uuid = get_role_uuid(ROLE_DEVELOPER)\n consumer_role_uuid = get_role_uuid(ROLE_CONSUMER)\n print('ROLE_ADMIN_UUID={}'.format(admin_role_uuid))\n print('ROLE_OPERATOR_UUID={}'.format(operator_role_uuid))\n print('ROLE_DEVELOPER_UUID={}'.format(developer_role_uuid))\n print('ROLE_CONSUMER_UUID={}'.format(consumer_role_uuid))\n \n overlay_subnets = @@{overlay_subnet_details}@@\n subnet_uuid = overlay_subnets[\"uuid\"]\n subnet_name = overlay_subnets[\"name\"]\n \n account_uuid = \"\"\n if params.get('accounts', 'None') != \"None\":\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%params['accounts']},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False) \n if params['accounts'] in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == params['accounts']: \n account_uuid = new_data['metadata']['uuid']\n print(\"account_details={}\".format({\"uuid\": account_uuid}))\n else:\n print(\"Error : %s account not present on %s\"%(params['accounts'],PC_IP))\n exit(1) \n \n user_details = []\n all_users = []\n user = \"@@{project_admin_user}@@\".strip()\n user_uuid = get_user_uuid(user, **params)\n if user_uuid != \"None\":\n user_details.append({'name':user, 'uuid':user_uuid})\n print(\"user_details={}\".format(user_details))\n \n idp_uuid = @@{ad_details}@@\n print(\"group_details={}\".format([]))\n vpc_uuid = @@{vpc_details}@@\n project_uuid = create_empty_project(project_name=params['name'])\n payload = get_spec(role_uuid=admin_role_uuid, \n user_uuid=user_details[0][\"uuid\"], \n user_name=user_details[0][\"name\"], \n idp_uuid=idp_uuid[\"ad_uuid\"], \n account_uuid=account_uuid, \n subnet_uuid=subnet_uuid,\n vpc_uuid=vpc_uuid[\"uuid\"],\n project_name=params['name'],\n project_uuid=project_uuid,\n subnet_name=subnet_name)\n \n if params.get(\"quotas\", \"None\") != \"None\":\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {} \n resources = []\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"MEMORY\", \"limit\":mem_gb})\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"STORAGE\", \"limit\":storage_gb})\n if resource.get(\"vcpu\", 0) != 0:\n resources.append({\"resource_type\":\"VCPUS\", \"limit\":resource['vcpu']})\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {\"resources\": resources}\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\/%s\"%project_uuid)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n\n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n if 'status' not in data.json():\n print(\"Project %s not created successfully.\"%params['name'])\n print(data.json())\n exit(1)\n task_uuid = data.json()['status']['execution_context']['task_uuid']\n if 'metadata' in data.json():\n print(\"project_details={}\".format({\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params['name'],\n \"create_project_task_uuid\": task_uuid}))\n else:\n print(\"Project not created successfully, Check inputs and payload\")\n print(data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(management_username,management_password), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n if \"DUPLICATE_ENTITY\" not in str(data.json()):\n print(\"Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nprint(\"##### Creating a Project #####\")\nparams = @@{project_items}@@\nbuild_project(**params) ","eval_variables":["project_details","account_details","user_details","group_details","ROLE_DEVELOPER_UUID","ROLE_ADMIN_UUID","ROLE_OPERATOR_UUID","ROLE_CONSUMER_UUID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Tunnel for VPC","attrs":{"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_user = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_account_uuid():\n account = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%account},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if account in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account: \n account_uuid = new_data['metadata']['uuid']\n return account_uuid\n else:\n print(\"Error : %s account not present on %s\"%(account,PC_IP))\n exit(1) \n \ndef get_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate Idempotence UUID.\")\n exit(1)\n \n #account_uuid = get_account_uuid()\n \n return (\n {\"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\": \"network_group_tunnel\"\n },\n \"spec\": {\n \"resources\": {\n \"platform_vpc_uuid_list\": [\n params[\"vpc_uuid\"]\n ],\n \"tunnel_reference\": {\n \"kind\": \"tunnel\",\n \"uuid\": _uuid,\n \"name\": params[\"tunnel_name\"]\n },\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params[\"account_uuid\"]\n },\n \"tunnel_vm_spec\": {\n \"vm_name\": params[\"tunnel_name\"]+\"_\"+params[\"vpc_name\"]+\"_TunnelVM\",\n \"subnet_uuid\": params[\"overlay_subnet_uuid\"],\n \"cluster_uuid\": params[\"cluster_uuid\"]\n }\n },\n \"name\": params[\"tunnel_name\"]\n }\n })\n\ndef create_tunnel(**params):\n payload = get_spec(**params)\n url = _build_url(scheme=\"https\",\n resource_type=\"network_groups\/tunnels\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_user,pc_password),\n timeout=None, verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = 'PENDING'\n while state == \"PENDING\":\n _uuid = data.json()[\"request_id\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_user, pc_password),\n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error occured ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', \n responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"SUCCEEDED\"\n else:\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nvpc = @@{vpc_details}@@\n#account = @@{account_details}@@\noverlay_subnet = @@{overlay_subnet_details}@@\nparams = {\"vpc_name\" : vpc[\"name\"],\n \"vpc_uuid\" : vpc[\"uuid\"],\n \"account_name\" : \"@@{account_name}@@\".strip(),\n \"account_uuid\" : get_account_uuid(),\n \"overlay_subnet_uuid\" : overlay_subnet[\"uuid\"],\n \"cluster_uuid\" : \"@@{cluster_uuid}@@\",\n \"tunnel_name\" : \"@@{tenant_name}@@_VPC_Tunnel\"\n }\ncreate_tunnel(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Set Quota","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef cluster_details(cluster=None):\n cluster_name = \"@@{cluster_name}@@\".strip()\n if cluster != None:\n cluster_name = cluster\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n return(str(_cluster['metadata']['uuid']))\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef add_quotas(account,**params):\n if params.get(\"quotas\", \"None\") != \"None\":\n memory = 0\n disk = 0\n vcpus = 0\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n memory = mem_gb\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n disk = storage_gb\n if resource.get(\"vcpu\", 0) != 0:\n vcpus = resource['vcpu']\n \n cluster_uuid = \"@@{cluster_uuid}@@\"\n project_details = @@{project_details}@@\n account_details = @@{account_details}@@\n entities = {}\n entities[\"account\"]=account_details['uuid']\n entities[\"cluster\"]=cluster_uuid\n entities[\"project\"]=project_details['uuid']\n\n if not account:\n entities = {\"project\": project_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n _uuid = data.json()['uuid_list'][0]\n payload = ({\n \"metadata\": {\n \"kind\": \"quota\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"name\": project_details['name'],\n \"uuid\": project_details['uuid']\n },\n \"uuid\": _uuid\n },\n \"spec\": {\n \"resources\": {\n \"data\": {\n \"disk\": disk,\n \"vcpu\": vcpus,\n \"memory\": memory\n },\n \"entities\": entities,\n \"metadata\": {},\n \"uuid\": _uuid\n }\n }})\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\".format(PC_IP)\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n else:\n print(\"Quota not set for project %s\"%project_details['name'])\n \n enable_quota_state(account_details['uuid'], project_details['uuid'])\n \ndef enable_quota_state(account, project):\n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"account\":account,\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username,pc_username), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nif (@@{project_vcpu}@@ != 0) or (@@{project_memory}@@ != 0) or (@@{project_disk_size}@@ != 0):\n params = @@{project_items}@@\n add_quotas(account=False,**params)\n params = @@{account_items}@@\n add_quotas(account=True,**params)\nelse:\n print(\"Info : Not setting Projects Quota, All Quota values are zero.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Environment","attrs":{"exit_status":[],"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef get_cluster_account_uuid():\n cluster_name = \"@@{cluster_name}@@\".strip()\n account_name = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",host=\"localhost\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\",\"length\": 250},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching account details. -->\", data.json())\n exit(1)\n \n if account_name in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account_name:\n for _cluster in new_data[\"status\"][\"resources\"][\"data\"][\"cluster_account_reference_list\"]:\n if _cluster[\"resources\"][\"data\"][\"cluster_name\"] == cluster_name:\n return _cluster[\"uuid\"]\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n else:\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n \ndef _get_spec():\n tenantuuid = \"@@{tenant_uuid}@@\"\n account = get_cluster_account_uuid()\n print(\"Cluster account uuid : \",account)\n project_account = @@{account_details}@@\n project = @@{project_details}@@\n vpc_details = @@{vpc_details}@@\n project_subnet = @@{overlay_subnet_details}@@\n env_memory = (@@{project_memory}@@ \/ 2) * 1024\n subnet_references = []\n \n connection_type = \"POWERSHELL\"\n connection_port = 5985\n connection_protocol = \"http\"\n if \"@@{environment_os}@@\" == \"Linux\":\n connection_type = \"SSH\"\n connection_port = 22\n connection_protocol = \"\"\n \n nic_list = []\n nics = {}\n nics['subnet_reference'] = {'uuid': project_subnet[\"uuid\"]}\n subnet_references.append({'uuid': project_subnet[\"uuid\"]})\n nic_list.append(nics)\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 2,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n creds_uuid = \"\"\n substrate_uuid = \"\"\n if data.ok:\n creds_uuid = data.json()['uuid_list'][0]\n substrate_uuid = data.json()['uuid_list'][1]\n\n _creds_type = \"@@{credential_type}@@\"\n credential_definition_list = [\n \t\t{\n \t\t\"name\": \"@@{tenant_name}@@_cred\",\n \t\t\"type\": _creds_type,\n \t\t\"username\": \"@@{credential_username}@@\".strip(),\n \t\t\"secret\": {\n \t\t\"attrs\": {\n \t\t\"is_secret_modified\": True,\n \t\"secret_reference\" : {}\n \t\t},\n \t\t\"value\": \"\"\"@@{password_or_key}@@\"\"\"\n \t\t},\n \t\t\"uuid\": creds_uuid\n \t\t}]\n \n if _creds_type == \"KEY\":\n _pass = {\"passphrase\": {\n \"attrs\": {\n \"is_secret_modified\": True,\n },\n \"value\": \"@@{prism_central_passwd}@@\".strip()\n }\n }\n credential_definition_list[0].update(_pass)\n\n gpu_list = []\n disk_list = []\n boot_type = \"LEGACY\"\n boot_adapter = \"SCSI\"\n image_uuid = \"\"\n boot_index = 0\n boot_adapter = \"SCSI\"\n url = _build_url(scheme=\"https\",host=\"@@{PC_IP}@@\".strip(), resource_type=\"\/images\/list\")\n data = requests.post(url, json={\"kind\":\"image\", \"filter\":\"name==%s\"%\"@@{image_name}@@\".strip()},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()[\"metadata\"][\"total_matches\"] == 1:\n image_uuid = data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"There are '%s' total images with name - @@{image_name}@@\"%(\\\n data.json()[\"metadata\"][\"total_matches\"]))\n exit(1)\n else:\n print(\"Error -- %s Image not present on %s\"%(\"@@{image_name}@@\", PC_IP))\n disk_list.append({\n \"data_source_reference\": {\n \"kind\": \"image\",\n \"name\": \"@@{image_name}@@\".strip(),\n \"uuid\": image_uuid\n },\n \"device_properties\": {\n \"device_type\": \"DISK\",\n \"disk_address\": {\n \"device_index\": 0,\n \"adapter_type\": \"SCSI\"\n }\n }\n })\n\n serial_port = []\n serial_port.append({\"index\": 0, \"is_connected\": True})\n \n return ({\n \t\t\"api_version\": \"3.0\",\n \t\t\"metadata\": {\n \t\t\"kind\": \"environment\",\n \t\t\"project_reference\": {\n \t\t\"kind\": \"project\",\n \t\t\"name\": project['name'],\n \t\t\"uuid\": project['uuid']\n \t\t}\n \t\t},\n \t\t\"spec\": {\n \t\t\"name\": project['name']+\"_Environment\",\n \t\t\"description\": tenantuuid+project['name'],\n \t\t\"resources\": {\n \t\t\"substrate_definition_list\": [\n \t\t{\n \t\t\"variable_list\": [],\n \t\t\"type\": \"AHV_VM\",\n \t\t\"os_type\": \"@@{environment_os}@@\",\n \t\t\"action_list\": [],\n \t\t\"create_spec\": {\n \t\t\"name\": project['name']+\"_VM_@@{calm_random}@@\",\n \"categories\": {},\n \"cluster_reference\": {\n \"kind\": \"cluster\",\n \"name\": \"@@{cluster_name}@@\".strip(),\n \"uuid\": \"@@{cluster_uuid}@@\".strip()\n },\n \t\t\"resources\": {\n \t\t\"disk_list\": disk_list,\n \"gpu_list\": gpu_list,\n \"serial_port_list\": serial_port,\n \t\t\"nic_list\": nic_list,\n #\"power_state\": \"ON\",\n \t\t\"boot_config\": {\n \t\t\"boot_device\": {\n \t\t\"disk_address\": {\n \t\t\"device_index\": boot_index,\n \t\t\"adapter_type\": boot_adapter\n \t\t}\n \t\t},\n \t\t\"boot_type\": boot_type\n \t\t},\n \t\t\"num_sockets\": 2,\n \t\t\"num_vcpus_per_socket\": 1,\n \t\t\"memory_size_mib\": env_memory,\n \t\t\"account_uuid\": account\n \n \t\t},\n \t\t\"categories\": {\"TenantName\":\"@@{tenant_name}@@\".strip()}\n \t\t},\n \t\t\"readiness_probe\": {\n \t\t\"disable_readiness_probe\": True,\n \t\t\"connection_type\": connection_type,\n \t\t\"connection_port\": connection_port,\n \"connection_protocol\": connection_protocol,\n \"delay_secs\": \"5\",\n \t\t\"login_credential_local_reference\": {\n \t\t\"kind\": \"app_credential\",\n \t\t\"uuid\": creds_uuid\n \t\t},\n \"address\": \"\"\n \t\t},\n \t\t\"name\": \"@@{tenant_name}@@\".strip(),\n \"uuid\": substrate_uuid\n \t\t}\n \t\t],\n \t\t\"credential_definition_list\": credential_definition_list,\n \t\t\"infra_inclusion_list\": [\n \t\t{\n \t\t\"account_reference\": {\n \t\t\"uuid\": project_account['uuid'],\n \t\t\"kind\": \"account\"\n \t\t},\n \t\t\"type\": \"nutanix_pc\",\n \t\t\"subnet_references\": subnet_references,\n \t\t\"default_subnet_reference\": subnet_references[0],\n \"vpc_references\": [{\"uuid\":vpc_details[\"uuid\"]}],\n \"cluster_references\": [{\"uuid\":\"@@{cluster_uuid}@@\"}]\n \t\t}\n \t\t]\n \t\t}\n \t\t}})\n\ndef create_env():\n payload = _get_spec()\n guest_customization = {}\n if \"\"\"@@{guest_customization_script}@@\"\"\".lower() not in [\"\".strip(), \"none\", \"na\"]:\n if \"@@{environment_os}@@\" == \"Windows\":\n guest_customization = {\"sysprep\":{\"install_type\": 'FRESH',\n \"unattend_xml\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n else:\n guest_customization = {\"cloud_init\":{\"user_data\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n payload['spec']['resources']['substrate_definition_list'][0]['create_spec']\\\n ['resources']['guest_customization'] = guest_customization\n \n url = _build_url(scheme=\"https\",host=\"localhost\", resource_type=\"\/environments\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username,management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while creating environment ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return {\"uuid\": data.json()['metadata']['uuid'],\n \t\t\t\"name\":payload['spec']['name'],\n \"default\": True}\nenvironment = {}\nif \"@@{create_environment}@@\".lower() == \"yes\":\n environment = create_env()\nprint(\"environment_details={}\".format(environment))","eval_variables":["environment_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Update Project","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_spec(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n return data.json()\n \ndef update_project(**params):\n project = @@{project_details}@@\n project_items = @@{project_items}@@\n payload = _get_spec(project['uuid'])\n for x in ['categories', 'categories_mapping', 'creation_time', 'last_update_time', 'owner_reference']:\n del payload['metadata'][x]\n del payload['status']\n payload['spec']['access_control_policy_list'][0]['operation'] = \"UPDATE\"\n #payload['spec']['access_control_policy_list'][0]['acp']\\\n # ['resources']['filter_list']['context_list'][0]\\\n # ['scope_filter_expression_list'][0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][1]['entity_filter_expression_list']\\\n # [4]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][2]['scope_filter_expression_list']\\\n # [0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n environment_details = @@{environment_details}@@\n payload['spec']['project_detail']['resources']['environment_reference_list'] = []\n if \"@@{create_environment}@@\".lower() == \"yes\":\n payload['spec']['project_detail']['resources']\\\n ['environment_reference_list'].append({\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']})\n payload['spec']['project_detail']['resources']\\\n [\"default_environment_reference\"] = {\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project['uuid']))\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n task = wait_for_completion(data) \n print(\"Project %s updated successfully\"%project['name'])\n else:\n print(\"Error while updating project : %s\"%data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error in project update ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Error in project update ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nparams = @@{project_items}@@\nupdate_project(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Protection Policy","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_policy_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False) \n _uuid = \"\"\n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate UUID for app_protection_rule\")\n exit(1)\n return (\n {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"app_protection_policy\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"uuid\": params['project_uuid']\n }\n },\n \"spec\": {\n \"name\": \"Snapshot_Policy_@@{tenant_name}@@\",\n \"description\": \"\",\n \"resources\": {\n \"is_default\": True,\n \"ordered_availability_site_list\": [\n {\n \"environment_reference\": {\n \"kind\": \"environment\",\n \"uuid\": params['environment']\n },\n \"infra_inclusion_list\": {\n \"type\": \"nutanix_pc\",\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params['account_uuid']\n },\n \"cluster_references\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": params['cluster_uuid']\n }\n ]\n }\n }\n ],\n \"app_protection_rule_list\": [\n {\n \"name\": \"Protection_rule_@@{tenant_name}@@\",\n \"enabled\": True,\n \"local_snapshot_retention_policy\": {\n \"snapshot_expiry_policy\": {\n \"multiple\": 0\n }\n },\n \"first_availability_site_index\": 0,\n \"second_availability_site_index\": 0,\n \"uuid\": _uuid\n }\n ]\n }\n }\n })\n\ndef protection_policy(**params):\n payload = get_policy_spec(**params)\n url = \"https:\/\/%s:9440\/api\/calm\/v3.0\/app_protection_policies\"%PC_IP\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n #print(\"protection_policy_uuid={}\".format(data.json()[\"metadata\"][\"uuid\"]))\n #print(\"protection_rule_uuid={}\".format(data.json()[\"spec\"]\\\n # [\"resources\"][\"app_protection_rule_list\"][0][\"uuid\"]))\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Failed to create Snapshot Policy ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Failed to create Snapshot Policy ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \nparams = {}\nproject = @@{project_details}@@\nenvironment = @@{environment_details}@@\naccount = @@{account_details}@@\n\nparams['project_uuid'] = project['uuid']\nparams['environment'] = environment.get('uuid', None)\nparams['account_uuid'] = account['uuid']\nparams['cluster_uuid'] = \"@@{cluster_uuid}@@\"\n\nif environment:\n protection_policy(**params)\n print(\"Snapshot Policy Created Successfully.\")\nelse:\n print(\"Add environments to start creating snapshot policies.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"a4e81cce_runbook","main_task_local_reference":{"kind":"app_task","name":"8ee0af0e_dag"},"variable_list":[{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"management_pc_username","value":"admin","label":"Management PC Username","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"management_pc_password","value":"YdadLuD85gUXq+wBkj1iEm\/37Mn09rlz8xOBFtyj\/3VO0wZe0Ko29i2ygA==:utf-8","label":"Management PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":""},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"tenant_name","value":"uat1","label":"Tenant Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Click \"yes\" to cleanup any previous failed setup.","data_type":"BASE","type":"LOCAL","name":"delete_existing","value":"Yes","label":"Delete Existing setup","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.44.46.56","data_type":"BASE","type":"LOCAL","name":"PC_IP","value":"10.44.76.167","label":"Workload PC IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^.*$"},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_username","value":"plVECCufHsiAw+TY8cLobbfK5Am7NOe6XBzztEekYjz5wygV\/A==:utf-8","label":"Workload PC Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_passwd","value":"GXwvHLJ9a7HdiKXeE9rpwRLttLluc1mQYpuMGMV2oGBE7khIGOL4gPfkrA==:utf-8","label":"Workload PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- ldap:\/\/10.46.8.66:389","data_type":"BASE","type":"LOCAL","name":"active_directory_url","value":"ldap:\/\/10.46.8.66:389","label":"Active Directory URL","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- corp.company.ca","data_type":"BASE","type":"LOCAL","name":"active_directory_domain","value":"qa.nucalm.io","label":"Active Directory Domain Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"active_directory_user","value":"ztjdeHPCjpcz4vZvZm+w6wdUcaJ2Llgurub776AKmaVJOJa1gT4tZJRwSbIKJPSTqj9BYwPxzxDY7w==:utf-8","label":"Active Directory Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"active_directory_password","value":"iYWZhZ8Eua2RTwZzZfQxhzjFW05WILA6Z1NvGgUtmUQPiwB7BoCgfJz2:utf-8","label":"Active Directory Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- pjadmin@corp.company.ca","data_type":"BASE","type":"LOCAL","name":"project_admin_user","value":"ssptest1@qa.nucalm.io","label":"Project Admin","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"cluster_name","value":"auto_cluster_prod_f38da47d51f4","label":"Cluster Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"virtual_switch","value":"vs0","label":"Virtual Switch Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_vlan_id","value":"49","label":"External VLAN ID","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.0\/24","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip","value":"10.44.44.0\/24","label":"External Subnet IP with Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Enter Start IP followed by End IP. Example :- 10.20.30.2-10.20.30.10","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip_pool","value":"10.44.44.2-10.44.44.10","label":"External Subnet IP Pool Range","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.1","data_type":"BASE","type":"LOCAL","name":"external_subnet_gateway_ip","value":"10.44.44.1","label":"External Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_subnet_nat","value":"True","label":"External Subnet NAT","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.10.10.0\/24","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_ip","value":"10.20.10.0\/24","label":"Overlay Subnet IP With Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_gateway_ip","value":"10.20.10.1","label":"Overlay Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"account_name","value":"policy_account","label":"Account Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_vcpu","value":"6","label":"Quota : vCPUs ","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_memory","value":"12","label":"Quota : Memory in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_disk_size","value":"50","label":"Quota : Disk Size in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"allow_collaboration","value":"True","label":"Allow Project Collaboration","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"create_environment","value":"Yes","label":"Create Project Environment with Default Values","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"environment_os","value":"Linux","label":"Environment operating system","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Linux","Windows"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"image_name","value":"Centos7HadoopMaster","label":"Image Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":false,"description":"Should be base64 encoded for Linux and XML for Windows.","data_type":"BASE","type":"LOCAL","name":"guest_customization_script","value":"I2Nsb3VkLWNvbmZpZwp1c2VyczoKICAtIG5hbWU6IG51dGFuaXgKICAgIHNzaC1hdXRob3JpemVkLWtleXM6CiAgICAgIC0gc3NoLXJzYSBLRVkKICAgIHN1ZG86IFsnQUxMPShBTEwpIE5PUEFTU1dEOkFMTCddCiAgICBncm91cHM6IHN1ZG8KICAgIHNoZWxsOiAvYmluL2Jhc2gKCnBhY2thZ2VzOgogIC0gaHR0cGQ=","label":"Guest Customization Script","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_username","value":"root","label":"Environment Credential Username","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_type","value":"KEY","label":"Credential Type","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["PASSWORD","KEY"]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"password_or_key","value":"-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS\n1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQR9WZPeBSvixkhjQOh9yCXXlEx5CN9M\nyh94CJJ1rigf8693gc90HmahIR5oMGHwlqMoS7kKrRw+4KpxqsF7LGvxAAAAqJZtgRuWbY\nEbAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH1Zk94FK+LGSGNA\n6H3IJdeUTHkI30zKH3gIknWuKB\/zr3eBz3QeZqEhHmgwYfCWoyhLuQqtHD7gqnGqwXssa\/\nEAAAAgBzKpRmMyXZ4jnSt3ARz0ul6R79AXAr5gQqDAmoFeEKwAAAAOYWpAYm93aWUubG9j\nYWwBAg==\n-----END OPENSSH PRIVATE KEY-----","label":"Password Or Key","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}}]}},"name":"Tenant Onboarding with AD_merge"},"api_version":"3.0","metadata":{"last_update_time":"1688635410235879","kind":"runbook","spec_version":36,"creation_time":"1688561383279539","name":"Tenant Onboarding with AD_merge"}} \ No newline at end of file +{"status":{},"contains_secrets":true,"product_version":"3.7.2.1","spec":{"description":"","resources":{"endpoints_information":[],"endpoint_definition_list":[],"client_attrs":{},"credential_definition_list":[],"runbook":{"task_definition_list":[{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[{"kind":"app_task","name":"Precheck Validation"},{"kind":"app_task","name":"Generate Tenant UID"},{"kind":"app_task","name":"Create Categories"},{"kind":"app_task","name":"Configure AD"},{"kind":"app_task","name":"Create External Subnet"},{"kind":"app_task","name":"Create VPC"},{"kind":"app_task","name":"Create Overlay Subnet"},{"kind":"app_task","name":"Create Project"},{"kind":"app_task","name":"Create Tunnel for VPC"},{"kind":"app_task","name":"Set Quota"},{"kind":"app_task","name":"Create Environment"},{"kind":"app_task","name":"Update Project"},{"kind":"app_task","name":"Create Protection Policy"}],"name":"8ee0af0e_dag","attrs":{"edges":[{"from_task_reference":{"kind":"app_task","name":"Precheck Validation"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Generate Tenant UID"}},{"from_task_reference":{"kind":"app_task","name":"Create External Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Categories"}},{"from_task_reference":{"kind":"app_task","name":"Create Environment"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Update Project"}},{"from_task_reference":{"kind":"app_task","name":"Set Quota"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Environment"}},{"from_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Set Quota"}},{"from_task_reference":{"kind":"app_task","name":"Configure AD"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create External Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Configure AD"}},{"from_task_reference":{"kind":"app_task","name":"Create Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Project"}},{"from_task_reference":{"kind":"app_task","name":"Update Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Protection Policy"}}],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Precheck Validation","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\nmgmt_pc_username = \"@@{prism_central_username}@@\".strip()\nmgmt_pc_password = \"@@{management_pc_password}@@\".strip()\nskip_delete = False\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_cluster_details(cluster_name):\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n print(\"cluster_uuid={}\".format(_cluster['metadata']['uuid']))\n return str(_cluster['metadata']['uuid'])\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name, cluster_uuid): \n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_subnet_uuid(subnet, delete=False):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\", \"filter\":\"name==%s\"%subnet},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(subnet, PC_IP))\n skip_delete = True\n if not delete:\n exit(1)\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one subnets with name - %s on - %s\"%(subnet, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching subnet details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef get_subnet_details(_uuid):\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/%s\"%_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching project subnet details.\")\n print(data.json().get('message_list',\\\n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"project_subnet_address={}\".format(data.json()['spec']\\\n ['resources']['ip_config']['pool_list'][0]['range'].split( )[-1]))\n \ndef _get_vpc_uuid(vpc_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/vpcs\/list\")\n data = requests.post(url, json={\"kind\":\"vpc\", \"filter\":\"name==%s\"%vpc_name},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(vpc_name, PC_IP))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one VPC's with name - %s on - %s\"%(vpc_name, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching VPC details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_project_uuid(project_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/projects\/list\", host = \"localhost\")\n data = requests.post(url, json={\"kind\":\"project\", \"filter\":\"name==%s\"%project_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(project_name, \"Management PC\"))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one projects with name - %s on - %s\"%(project_name, \"Management PC\"))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching project details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_tunnel_uuid(tunnel_name):\n global skip_delete\n tunnel_state = [\"CONNECTING\",\"NOT_VALIDATED\" ]\n url = _build_url(scheme=\"https\",resource_type=\"\/tunnels\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"tunnel\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one tunnel with name - %s\"%(tunnel_name))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n elif data.json()['entities'][0]['status']['state'] in tunnel_state:\n print(\"tunnel is in NOT_VALIDATED,Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n tunnel_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return tunnel_uuid\n else:\n print(\"Error while fetching tunnel details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_network_group_uuid(tunnel_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/network_groups\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"network_group\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n else:\n skip_delete = False\n group_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return group_uuid\n else:\n print(\"Error while fetching network group details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef delete_project_environment(project_name):\n print(\"Fetching project environments information...\")\n project_name = project_name.strip()\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/list\")\n data = requests.post(url, json={\"kind\":\"environment\"},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n uuid_list = []\n if data.ok:\n if data.json()[\"metadata\"] > 0:\n for _env in data.json()[\"entities\"]:\n if \"project_reference\" in _env[\"metadata\"].keys():\n if _env[\"metadata\"][\"project_reference\"][\"name\"] == project_name:\n uuid_list.append(_env[\"metadata\"][\"uuid\"])\n else:\n print(\"Info : No environment found on localhost\")\n else:\n print(\"Failed to fetch environment details.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n for _uuid in uuid_list:\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/%s\"%_uuid)\n data = requests.delete(url,auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if \"Environment with uuid %s deleted\"%_uuid not in data.json()[\"description\"]:\n print(\"Failed to project environment.\",data.json())\n exit(1)\n else:\n print(\"Error while deleting project environment.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n if uuid_list != []:\n print(\"%s Project environment with %s uuid's deleted successfully.\"%(project_name, uuid_list))\n\ndef wait_for_completion(data):\n if data.ok:\n state = data.json().get('status', None).get('state', None)\n while state == \"DELETE_PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json().get('status', None) in ['DELETE_PENDING']:\n state = 'DELETE_PENDING'\n sleep(5) \n elif responce.json().get('status', None) == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\" \n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_ip(IP):\n ip_list = IP.split(\".\")\n gatewat_digit = int(ip_list[-1]) + 1\n start_digit = gatewat_digit + 1\n end_digit = start_digit + 50\n gateway_ip = ip_list[:3]\n gateway_ip.append(str(gatewat_digit))\n gateway_ip = \".\".join(gateway_ip)\n start_ip = ip_list[:3]\n start_ip.append(str(start_digit))\n start_ip = \".\".join(start_ip)\n end_ip = ip_list[:3]\n end_ip.append(str(end_digit))\n end_ip = \".\".join(end_ip)\n return (gateway_ip, start_ip, end_ip)\n \nexternal_subnet_items = {}\nvpc_items = {}\noverlay_subnet_items = {}\nproject_items = {}\nAD_items = {}\naccount_items = {}\ntunnel_items = {}\n\ntenant = \"@@{tenant_name}@@\".strip()\ncluster = \"@@{cluster_name}@@\".strip()\ncluter_uuid = _get_cluster_details(cluster)\nexternal_subnet = \"@@{external_subnet_ip}@@\".strip()\nexternal_subnet_ip, external_subnet_prefix= external_subnet.split(\"\/\")\nexternal_subnet_items['name'] = \"@@{tenant_name}@@_External_Subnet\"\nexternal_subnet_items['cluster'] = cluster\nexternal_subnet_items['enable_nat'] = @@{external_subnet_nat}@@\nexternal_subnet_items['virtual_switch_name'] = \"@@{virtual_switch}@@\".strip()\n_uuid = _get_virtual_switch_uuid(external_subnet_items['virtual_switch_name'], cluter_uuid)\nexternal_subnet_items['gateway_ip'] = \"@@{external_subnet_gateway_ip}@@\".strip()\nexternal_subnet_items['network_ip'] = external_subnet_ip\nexternal_subnet_items['prefix'] = int(external_subnet_prefix)\nIP_POOL = \"@@{external_subnet_ip_pool}@@\".strip().split(\"-\")\nexternal_subnet_items['ip_pools'] = {\"range\":\"%s %s\"%(IP_POOL[0],IP_POOL[1])}\n\nvpc_items['name'] = \"@@{tenant_name}@@_VPC\"\nvpc_items['external_subnet_name'] = external_subnet_items['name']\ntunnel_items['name'] = \"@@{tenant_name}@@_VPC_Tunnel\"\n\noverlay_subnet = \"@@{overlay_subnet_ip}@@\".strip()\noverlay_subnet_ip, overlay_subnet_prefix = overlay_subnet.split(\"\/\")\noverlay_subnet_items['subnet_name'] = \"@@{tenant_name}@@_Overlay_Subnet\"\noverlay_subnet_items['vpc_name'] = vpc_items['name']\noverlay_subnet_items['network_ip'] = overlay_subnet_ip\noverlay_subnet_items['prefix'] = int(overlay_subnet_prefix)\noverlay_subnet_items['gateway_ip'] = \"@@{overlay_subnet_gateway_ip}@@\".strip()\nIP = _get_ip(overlay_subnet_ip)\noverlay_subnet_items['ip_pool'] = [{\"ip_pools_start_ip\":IP[1], \n \"ip_pools_end_ip\":IP[2]}]\nprint(\"project_subnet_address={}\".format(IP[2]))\n\nAD_items['name'] = \"Tenant_{}_AD\".format(tenant)\nAD_items['directory_url'] = \"@@{active_directory_url}@@\".strip()\nAD_items['domain_name'] = \"@@{active_directory_domain}@@\".strip()\nAD_items['directory_type'] = \"ACTIVE_DIRECTORY\"\nAD_items['service_account_username'] = \"@@{active_directory_user}@@\".strip()\nAD_items['service_account_password'] = \"@@{active_directory_password}@@\".strip()\nfor x in ['directory_url', 'domain_name', 'directory_type' , \n 'service_account_username', 'service_account_password']:\n if (AD_items[x] == \"NA\") or (AD_items[x] == \"\"):\n print(\"Input Error :- All Active Directory config parameters are mandatory. \"\\\n \"Even if Active Directory alredy created, Need all AD details to \"\\\n \"whitelist correct active directory for Project.\")\n print(\"AD Parameters :- Active Directory URL, Active Directory Domain Name, \"\\\n \"Active Directory Username, Active Directory Password.\")\n exit(1)\n \nadmin_user = \"@@{project_admin_user}@@\".strip()\nproject_subnet_uuid = \"\"\nproject_items['name'] = \"{}_project\".format(tenant)\nproject_items['tenant_users'] = [{\"admin\": [\"{}\".format(admin_user)]}]\nproject_items['accounts'] = \"@@{account_name}@@\".strip()\nproject_items['allow_collaboration'] = False\n#project_subnet = \"@@{project_subnet_uuid}@@\"\n#get_subnet_details(project_subnet)\n#print(\"project_subnet_uuid={}\".format(project_subnet))\n#project_items['subnets'] = [\"{}\".format(project_subnet)]\nproject_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\naccount_items['cluster'] = cluster\naccount_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\nprint(\"external_subnet_items={}\".format(external_subnet_items))\nprint(\"vpc_items={}\".format(vpc_items))\nprint(\"overlay_subnet_items={}\".format(overlay_subnet_items))\nprint(\"project_items={}\".format(project_items))\nprint(\"AD_items={}\".format(AD_items))\nprint(\"account_items={}\".format(account_items))\nprint(\"Tunnel_items={}\".format(tunnel_items))\n\ndef _delete(type, uuid, **params):\n if(params.get(\"host\",None)):\n host = params['host']\n else:\n host = PC_IP\n url = _build_url(scheme=\"https\",host=host,resource_type=\"\/%s\/%s\"%(type,uuid))\n if(params.get(\"username\",None)):\n user_name = params['username']\n else:\n user_name = pc_username\n\n if(params.get(\"password\",None)):\n pass_word = params['password']\n else:\n pass_word = pc_password\n \n data = requests.delete(url, auth=HTTPBasicAuth(user_name, pass_word),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Failed to delete existing %s with uuid %s.\"%(type, uuid))\n print(\"Error :- \",data.json())\n exit(1)\n else:\n wait_for_completion(data)\n \nif \"@@{delete_existing}@@\".lower() == \"yes\":\n _group_uuid = _get_network_group_uuid(tunnel_name=tunnel_items['name'])\n _tunnel_uuid = _get_tunnel_uuid(tunnel_name=tunnel_items['name'])\n if skip_delete == False:\n _delete(type=\"network_groups\/{}\/tunnels\".format(_group_uuid),uuid=_tunnel_uuid, username=mgmt_pc_username, password=mgmt_pc_password, host = \"localhost\")\n sleep(5)\n\n _uuid = _get_project_uuid(project_items['name'])\n\n if skip_delete == False:\n delete_project_environment(project_items['name'])\n _delete(type=\"projects\", uuid=_uuid, username=mgmt_pc_username, password=mgmt_pc_password, host = \"localhost\")\n \n _uuid = _get_subnet_uuid(subnet=overlay_subnet_items['subnet_name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_vpc_uuid(vpc_items['name'])\n if skip_delete == False:\n _delete(type=\"vpcs\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_subnet_uuid(subnet=external_subnet_items['name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)","eval_variables":["external_subnet_items","vpc_items","overlay_subnet_items","project_items","AD_items","account_items","cluster_uuid","project_subnet_uuid","project_subnet_address"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Generate Tenant UID","attrs":{"exit_status":[],"script":"uid = uuid.uuid4()\nprint(\"UID={}\".format({\"tenant_uuid\":'%s'%uid}))\n","eval_variables":["UID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Categories","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\n\ntenant = @@{UID}@@\nCategoryName = \"TenantName\"\nvalue = \"@@{tenant_name}@@\".strip()\ndescription = \"Tenant Onboarding category for %s\"%value\n\nbase_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/categories'.format(PC_IP)\npayload = {\n \"name\": CategoryName,\n \"description\": description,\n# \"capabilities\": {\n# \"cardinality\": 64\n# }\n }\n\napi_url = base_url + '\/' + CategoryName\n\nr = requests.put(api_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif not r.ok:\n print(\"PUT request failed\", r.content)\n exit(1)\n\nbatch_url = \"https:\/\/{}:9440\/api\/nutanix\/v3\/batch\".format(PC_IP)\n\npayload = {\"action_on_failure\":\"CONTINUE\",\n \"execution_order\":\"NON_SEQUENTIAL\",\n \"api_request_list\":[\n {\n \"operation\":\"PUT\",\n \"path_and_params\":\"\/api\/nutanix\/v3\/categories\/{}\/{}\".format(CategoryName, value),\n \"body\":{\n \"value\":value,\n \"description\":description\n }\n }\n ],\n \"api_version\":\"3.0\"}\n\nr = requests.post(batch_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif r.ok:\n print(\"Category created: {}\".format(CategoryName))\n print(\"category_details={}\".format(r.content))\nelse:\n print(\"Failed to create category - %s\"%CategoryName)\n print(r.content)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Configure AD","attrs":{"exit_status":[],"script":"import requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username =\"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=\"localhost\", **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\": \"directory_service\"\n },\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"url\": \"\",\n \"domain_name\": \"\",\n \"directory_type\": \"\",\n \"service_account\": {\n \"username\": \"string\",\n \"password\": \"string\"\n }\n }\n }\n })\n\ndef _get_spec_acp():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\" : \"access_control_policy\"\n },\n \"spec\": {\n \"name\": \"string\",\n \"role_reference\": {\"uuid\": \"\"}\n }\n })\n \ndef create_AD(**params):\n payload = _get_default_spec()\n payload['spec']['name'] = params['name']\n payload['spec']['resources']['url'] = params['directory_url']\n payload['spec']['resources']['domain_name'] = params['domain_name']\n payload['spec']['resources']['directory_type'] = params['directory_type']\n payload['spec']['resources']['service_account']['username'] = \\\n params['service_account_username']\n if params.get('group_search_type', 'None') != 'None':\n payload['spec']['resources']['groupSearchType'] = \\\n params.get('group_search_type', 'NON_RECURSIVE')\n payload['spec']['resources']['service_account']['password'] = \\\n params['service_account_password']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/directory_services\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if 'DUPLICATE_ENTITY' in str(data.json()):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/directory_services\/list\")\n data = requests.post(url, json={\"kind\":\"directory_service\"},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n for x in data.json()['entities']:\n if x['status']['resources']['domain_name'] == params['domain_name']:\n print(\"ad_details={}\".format({\"ad_uuid\":x['metadata']['uuid']}))\n else:\n task_uuid = wait_for_completion(data, params['name'])\n print(\"ad_details={}\".format({\"ad_uuid\": data.json()['metadata']['uuid'],\n \"ad_creation_task_uuid\": task_uuid,\n \"name\":params['name']}))\n\ndef wait_for_completion(data, name):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n _url = _build_url(scheme=\"https\",resource_type=\"\/directory_services\/list\")\n _data = requests.post(_url, json={\"kind\":\"directory_service\"},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if name in str(_data.json()):\n state = \"COMPLETE\"\n else:\n state = 'PENDING'\n sleep(5) \n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid']\n\n\nparams = @@{AD_items}@@\nprint(\"##### Configuring Active Directory #####\")\ncreate_AD(**params) ","eval_variables":["ad_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create External Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_cluster_details(cluster_name):\n cluster_details = {'kind':'cluster'}\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n cluster_details['uuid'] = str(_cluster['metadata']['uuid'])\n return cluster_details\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name):\n cluster = \"@@{cluster_name}@@\".strip()\n _cluster = _get_cluster_details(cluster)\n cluster_uuid = _cluster['uuid']\n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n pools.append(params[\"ip_pools\"])\n ipam_spec[\"pool_list\"] = pools\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef create_external_subnet(**params):\n params['ipam_spec'] = _get_ipam_spec(**params)\n cluster_details = _get_cluster_details(cluster_name=params['cluster_name'])\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"VLAN\"\n payload[\"spec\"][\"resources\"][\"vlan_id\"] = params['vlan_id']\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n payload[\"spec\"][\"cluster_reference\"] = cluster_details\n if params['enable_nat'] == False:\n switch_details = _get_virtual_switch_uuid(params['virtual_switch_name'])\n payload[\"spec\"][\"resources\"][\"virtual_switch_uuid\"] = switch_details\n payload[\"spec\"][\"resources\"][\"is_external\"] = True\n payload[\"spec\"][\"resources\"][\"enable_nat\"] = params['enable_nat']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\")\n while True:\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n if data.ok:\n task_uuid = wait_for_completion(data=data, vlan_id=params['vlan_id'])\n if task_uuid == {}:\n _uuid = data.json()['metadata']['uuid']\n _name = params['name']\n else:\n _uuid = task_uuid[\"uuid\"]\n _name = task_uuid[\"name\"]\n return {\"uuid\": _uuid, \"name\": _name}\n\n elif \"subnet exists with vlan id\" in str(data.json()).lower():\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == params['vlan_id']:\n return {\"uuid\":_subnet['metadata']['uuid'], \"name\":_subnet[\"spec\"][\"name\"]}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%params['vlan_id'])\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Failed to create external subnet ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef wait_for_completion(data, vlan_id=None):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING','QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n if \"subnet exists with vlan id\" in str(responce.json()).lower():\n print(\"Another external subnet exist with sam VLAN ID, fetching details..\")\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == vlan_id:\n return {'uuid':_subnet['metadata']['uuid'],\"name\":_subnet['spec']['name']}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%vlan_id)\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n return {}\n \ndef _get_vlan_id():\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n vlan_id = []\n for x in data.json()['entities']:\n print(x['spec']['resources'])\n vlan_id.append(x['spec']['resources'].get('vlan_id', 0))\n id = 10\n while True:\n if id in vlan_id:\n id+=1\n else:\n break\n return id\n else:\n print(\"Error while fetching subnet list :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\ndef set_params():\n params_dict = @@{external_subnet_items}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n params['enable_nat'] = params_dict.get('enable_nat', False)\n params['cluster_name'] = params_dict.get('cluster', \"None\")\n params['vlan_id'] = @@{external_vlan_id}@@\n params['virtual_switch_name'] = params_dict.get('virtual_switch_name', \"None\")\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict['gateway_ip']\n params['ip_pools'] = params_dict['ip_pools']\n\nparams = {}\nset_params()\nsubnet = create_external_subnet(**params)\nprint(\"external_subnet_details={}\".format(subnet))","eval_variables":["external_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create VPC","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return(\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"vpc\", \"categories\": {}},\n \"spec\": {\n \"name\": None,\n \"resources\": {\n \"external_subnet_list\": []\n },\n },\n })\n\ndef create_vpc(**params):\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n if params.get(\"common_domain_name_server_ip_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"common_domain_name_server_ip_list\"] = \\\n params[\"common_domain_name_server_ip_list\"]\n payload[\"spec\"][\"resources\"][\"external_subnet_list\"] = \\\n params[\"external_subnet_list\"]\n if params.get(\"externally_routable_prefix_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"externally_routable_prefix_list\"] = \\\n params[\"externally_routable_prefix_list\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password ),\n timeout=None, verify=False)\n \n if not data.ok:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n task_uuid = wait_for_completion(data)\n vpc = {\"name\": params['name'], \n \"uuid\":data.json()['metadata']['uuid'],\n \"create_vpc_task_uuid\": task_uuid}\n create_static_route(vpc[\"uuid\"])\n return vpc\n \ndef _get_route_spec(vpc_uuid, subnet_uuid,subnet_name):\n ip_prefix = \"0.0.0.0\/0\"\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n if data.ok:\n responce = data.json()\n del responce[\"status\"]\n for x in [\"last_update_time\",\"creation_time\",\"spec_hash\",\"categories_mapping\",\"owner_reference\",\"categories\"]:\n if x in responce[\"metadata\"].keys():\n del responce[\"metadata\"][x]\n else:\n print(\"Error while fetching VPCs static route details.\")\n exit(1)\n static_route = {\"nexthop\": {\n \"external_subnet_reference\": {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n },\n \"destination\": ip_prefix}\n responce[\"spec\"][\"resources\"][\"static_routes_list\"].append(static_route)\n return responce\n\ndef create_static_route(vpc_uuid):\n subnet = @@{external_subnet_details}@@\n subnet_uuid = subnet[\"uuid\"]\n subnet_name = subnet[\"name\"]\n payload = _get_route_spec(vpc_uuid, subnet_uuid, subnet_name)\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.put(url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid']\n\ndef set_params():\n params = {}\n print(\"##### creating VPC #####\")\n params_dict = @@{vpc_items}@@\n ext_subnet = @@{external_subnet_details}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n if params_dict.get(\"dns_servers\", \"None\") != \"None\":\n params[\"common_domain_name_server_ip_list\"] = [{}]\n params[\"common_domain_name_server_ip_list\"][0]['ip'] = \\\n params_dict.get('dns_servers', 'None')\n params[\"external_subnet_list\"] = [{}]\n if params_dict.get(\"externally_routable_ip\", \"None\") != \"None\":\n params[\"externally_routable_prefix_list\"] = [{}]\n params[\"externally_routable_prefix_list\"][0][\"ip\"] = \\\n params_dict[\"externally_routable_ip\"]\n params[\"externally_routable_prefix_list\"][0][\"prefix_length\"] = \\\n params_dict[\"externally_routable_ip_prefix\"]\n \n if params_dict.get(\"external_subnet_name\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"] = {}\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"kind\"] = \"subnet\"\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"name\"] = \\\n params_dict[\"external_subnet_name\"]\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = ext_subnet[\"uuid\"]\n \n if params_dict.get(\"external_subnet_uuid\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = \\\n params_dict['external_subnet_uuid']\n return params\nparams = set_params()\nvpc_details = create_vpc(**params)\nprint(\"vpc_details={}\".format(vpc_details))","eval_variables":["vpc_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Overlay Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n for ip_pools in params['ip_pool']:\n pools.append({\"range\": \"%s %s\"%(ip_pools['ip_pools_start_ip'], \n ip_pools['ip_pools_end_ip'])}) \n ipam_spec[\"pool_list\"] = pools\n if \"dhcp_options\" in ipam_config:\n dhcp_spec = _get_default_dhcp_spec()\n dhcp_config = ipam_config[\"dhcp_options\"]\n if dhcp_config['domain_name_server_list'] != 'None': \n dhcp_spec[\"domain_name_server_list\"] = dhcp_config[\"domain_name_server_list\"]\n if dhcp_config[\"domain_search_list\"] != 'None':\n dhcp_spec[\"domain_search_list\"] = dhcp_config[\"domain_search_list\"]\n if dhcp_config[\"domain_name\"] != 'None':\n dhcp_spec[\"domain_name\"] = dhcp_config[\"domain_name\"]\n if dhcp_config[\"boot_file_name\"] != 'None':\n dhcp_spec[\"boot_file_name\"] = dhcp_config[\"boot_file_name\"]\n if dhcp_config[\"tftp_server_name\"] != 'None':\n dhcp_spec[\"tftp_server_name\"] = dhcp_config[\"tftp_server_name\"]\n ipam_spec[\"dhcp_options\"] = dhcp_spec\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef _get_default_dhcp_spec():\n return (\n {\n \"domain_name_server_list\": [],\n \"domain_search_list\": [],\n \"domain_name\": \"\",\n \"boot_file_name\": \"\",\n \"tftp_server_name\": \"\",\n }\n )\n\ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid'] \n \ndef create_overlay_subnet():\n params = {}\n print(\"##### Creating Overlay Subnets #####\")\n params_dict = @@{overlay_subnet_items}@@\n params['vpc_name'] = params_dict.get('vpc_name', 'None')\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict.get('gateway_ip', 'None')\n params['ip_pool'] = params_dict['ip_pool']\n params['dhcp'] = params_dict.get('dhcp', 'None')\n params['ipam']['dhcp_options'] = {}\n params['ipam']['dhcp_options']['domain_name_server_list'] = params_dict.get('dns_servers', 'None')\n params['ipam']['dhcp_options']['domain_search_list'] = params_dict.get('domain_search', 'None')\n params['ipam']['dhcp_options']['domain_name'] = params_dict.get('domain_name', 'None')\n params['ipam']['dhcp_options']['boot_file_name'] = params_dict.get('boot_file', \"None\")\n params['ipam']['dhcp_options']['tftp_server_name'] = params_dict.get('tftp_server', \"None\")\n \n payload = _get_default_spec()\n if params_dict.get('vpc_name', 'None') != 'None':\n vpc_details = @@{vpc_details}@@\n params['vpc_reference'] = {\"kind\": \"vpc\", \"uuid\": vpc_details[\"uuid\"]}\n payload[\"spec\"][\"resources\"][\"vpc_reference\"] = params['vpc_reference']\n payload[\"spec\"]['name'] = params_dict['subnet_name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"OVERLAY\"\n \n if params_dict.get('network_ip', 'None') != 'None':\n params['ipam_spec'] = _get_ipam_spec(**params)\n print(\"Overlay Subnet IP range - %s\"%params['ip_pool'])\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n\n\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n task_uuid = wait_for_completion(data)\n details = {\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params_dict['subnet_name'],\n \"create_subnet_task_uuid\": task_uuid}\n print(\"overlay_subnet_details={}\".format(details))\ncreate_overlay_subnet()","eval_variables":["overlay_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Project","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nROLE_ADMIN = \"Project Admin\"\nROLE_OPERATOR = \"Operator\"\nROLE_DEVELOPER = \"Developer\"\nROLE_CONSUMER = \"Consumer\"\nROOT_OU = 'tenants'\n\nPC_IP = \"localhost\"\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef get_role_uuid(role_name):\n api_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/roles\/list'.format(PC_IP)\n payload = {\n 'filter': 'name=={}'.format(role_name),\n 'kind': 'role',\n 'offset': 0\n }\n r = requests.post(api_url, json=payload, \n auth=HTTPBasicAuth(management_username, management_password), \n timeout=None, verify=False)\n result = json.loads(r.content)\n if result.get('entities', 'None') != 'None':\n return result['entities'][0]['metadata']['uuid']\n else:\n print(\"Error :- {}\".format(r.content))\n exit(1)\n\ndef get_project_specs(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n return data.json()\n else:\n print(data.json())\n \ndef get_spec(role_uuid,user_uuid,user_name,idp_uuid,account_uuid,subnet_uuid,vpc_uuid,project_name,project_uuid,subnet_name):\n project_specs = get_project_specs(project_uuid)\n collection = \"ALL\"\n if \"@@{allow_collaboration}@@\".lower() == \"false\":\n collection = \"SELF_OWNED\"\n external_network = []\n subnet_reference = []\n if \"@@{account_name}@@\".strip() == \"NTNX_LOCAL_AZ\":\n subnet_reference = [\n {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n else:\n external_network = [\n {\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n \n return ({\n \"spec\": {\n \"access_control_policy_list\": [\n {\n \"acp\": {\n \"name\": \"Admin ACP-@@{calm_now}@@\",\n \"resources\": {\n \"role_reference\": {\n \"name\": \"Project Admin\",\n \"uuid\": role_uuid,\n \"kind\": \"role\"\n },\n \"user_group_reference_list\": [],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"filter_list\": {\n \"context_list\": [\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"ALL\"\n },\n \"right_hand_side\": {\n \"collection\": collection\n }\n }\n ]\n },\n {\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"image\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"directory_service\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"role\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n },\n \"left_hand_side\": {\n \"entity_type\": \"project\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user_group\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"app_icon\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"category\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_task\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_variable\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"identity_provider\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"vm_recovery_point\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"cluster\"\n },\n \"right_hand_side\": {\n \"uuid_list\": [\"@@{cluster_uuid}@@\"]\n }\n }\n ]\n },\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"blueprint\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n }\n ]\n }\n ]\n }\n },\n \"description\": \"project admin acp @@{calm_now}@@\"\n },\n \"metadata\": {\n \"kind\": \"access_control_policy\"\n },\n \"operation\": \"ADD\"\n }\n ],\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {\n \"external_network_list\": external_network,\n \"account_reference_list\": [\n {\n \"kind\": \"account\",\n \"uuid\": account_uuid\n }\n ],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"default_subnet_reference\": {\n \"kind\": \"subnet\",\n \"uuid\": subnet_uuid\n },\n \"vpc_reference_list\": [\n {\n \"kind\": \"vpc\",\n \"uuid\": vpc_uuid\n }\n ],\n \"tunnel_reference_list\": [],\n \"external_user_group_reference_list\": [],\n \"subnet_reference_list\": subnet_reference,\n \"resource_domain\": {},\n \"cluster_reference_list\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": \"@@{cluster_uuid}@@\"\n }\n ],\n \"environment_reference_list\": []\n },\n \"description\": \"Tenant Onboarding Project\"\n },\n \"user_list\": [\n {\n \"metadata\": {\n \"kind\": \"user\",\n \"uuid\": user_uuid\n },\n \"user\": {\n \"resources\": {\n \"directory_service_user\": {\n \"user_principal_name\": user_name,\n \"directory_service_reference\": {\n \"uuid\": idp_uuid,\n \"kind\": \"directory_service\"\n }\n }\n }\n },\n \"operation\": \"ADD\"\n }\n ],\n \"user_group_list\": []\n },\n \"api_version\": project_specs[\"api_version\"],\n \"metadata\": {\n \"kind\": \"project\",\n \"uuid\":project_uuid,\n \"spec_version\":project_specs[\"metadata\"][\"spec_version\"]\n }})\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"project\"},\n \"spec\": {\n \"project_detail\" : {\n \"name\": \"\",\n \"resources\": {}\n }\n }\n }\n )\n \ndef _get_user_spec():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\" : \"user\"\n },\n \"spec\": {\n \"resources\": {}\n }\n })\n \ndef get_user_uuid(user, **params):\n payload = _get_user_spec() \n ad = @@{ad_details}@@\n payload['spec']['resources']['directory_service_user'] = {}\n payload['spec']['resources']['directory_service_user']\\\n ['user_principal_name'] = user.strip()\n\n payload['spec']['resources']['directory_service_user']\\\n ['directory_service_reference'] = {}\n payload['spec']['resources']['directory_service_user']\\\n ['directory_service_reference']['kind'] = \"directory_service\"\n payload['spec']['resources']['directory_service_user']\\\n ['directory_service_reference']['uuid'] = ad[\"ad_uuid\"]\n \n url = _build_url(scheme=\"https\",resource_type=\"\/users\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False) \n \n wait_for_completion(data)\n\n if not data.ok:\n if \"DUPLICATE\" in str(data.json()):\n _url = _build_url(scheme=\"https\",resource_type=\"\/users\/list\") \n _data = requests.post(_url, json={\"kind\":\"user\", \"length\":9999},\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False) \n if user in str(_data.json()):\n for new_data in _data.json()['entities']:\n if new_data['status']['name'] == user:\n return new_data['metadata']['uuid']\n else:\n print(\"Error while Fetching user details----> \",data.json())\n exit(1)\n else:\n return data.json()['metadata']['uuid']\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\/salted\")\n payload = {\"name_list\":[user]}\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False) \n if data.ok:\n _uuid = data.json()[\"name_uuid_list\"][0][user]\n print(\"user_uuid----> %s\"%_uuid)\n return _uuid\n else:\n print(\"Error while fetching user details :- \",data.json())\n exit(1)\n \ndef create_empty_project(project_name):\n payload = {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"project\"\n },\n \"spec\": {\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {}\n },\n \"user_list\": [],\n \"user_group_list\": [],\n \"access_control_policy_list\": []\n }\n }\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n \n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n return data.json()[\"metadata\"][\"uuid\"]\n \ndef build_project(**params): \n vpc_details = @@{vpc_details}@@\n admin_role_uuid = get_role_uuid(ROLE_ADMIN)\n operator_role_uuid = get_role_uuid(ROLE_OPERATOR)\n developer_role_uuid = get_role_uuid(ROLE_DEVELOPER)\n consumer_role_uuid = get_role_uuid(ROLE_CONSUMER)\n print('ROLE_ADMIN_UUID={}'.format(admin_role_uuid))\n print('ROLE_OPERATOR_UUID={}'.format(operator_role_uuid))\n print('ROLE_DEVELOPER_UUID={}'.format(developer_role_uuid))\n print('ROLE_CONSUMER_UUID={}'.format(consumer_role_uuid))\n \n overlay_subnets = @@{overlay_subnet_details}@@\n subnet_uuid = overlay_subnets[\"uuid\"]\n subnet_name = overlay_subnets[\"name\"]\n \n account_uuid = \"\"\n if params.get('accounts', 'None') != \"None\":\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%params['accounts']},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False) \n if params['accounts'] in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == params['accounts']: \n account_uuid = new_data['metadata']['uuid']\n print(\"account_details={}\".format({\"uuid\": account_uuid}))\n else:\n print(\"Error : %s account not present on %s\"%(params['accounts'],PC_IP))\n exit(1) \n \n user_details = []\n all_users = []\n user = \"@@{project_admin_user}@@\".strip()\n user_uuid = get_user_uuid(user, **params)\n if user_uuid != \"None\":\n user_details.append({'name':user, 'uuid':user_uuid})\n print(\"user_details={}\".format(user_details))\n \n idp_uuid = @@{ad_details}@@\n print(\"group_details={}\".format([]))\n vpc_uuid = @@{vpc_details}@@\n project_uuid = create_empty_project(project_name=params['name'])\n payload = get_spec(role_uuid=admin_role_uuid, \n user_uuid=user_details[0][\"uuid\"], \n user_name=user_details[0][\"name\"], \n idp_uuid=idp_uuid[\"ad_uuid\"], \n account_uuid=account_uuid, \n subnet_uuid=subnet_uuid,\n vpc_uuid=vpc_uuid[\"uuid\"],\n project_name=params['name'],\n project_uuid=project_uuid,\n subnet_name=subnet_name)\n \n if params.get(\"quotas\", \"None\") != \"None\":\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {} \n resources = []\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"MEMORY\", \"limit\":mem_gb})\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"STORAGE\", \"limit\":storage_gb})\n if resource.get(\"vcpu\", 0) != 0:\n resources.append({\"resource_type\":\"VCPUS\", \"limit\":resource['vcpu']})\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {\"resources\": resources}\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\/%s\"%project_uuid)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n\n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n if 'status' not in data.json():\n print(\"Project %s not created successfully.\"%params['name'])\n print(data.json())\n exit(1)\n task_uuid = data.json()['status']['execution_context']['task_uuid']\n if 'metadata' in data.json():\n print(\"project_details={}\".format({\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params['name'],\n \"create_project_task_uuid\": task_uuid}))\n else:\n print(\"Project not created successfully, Check inputs and payload\")\n print(data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(management_username,management_password), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n if \"DUPLICATE_ENTITY\" not in str(data.json()):\n print(\"Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nprint(\"##### Creating a Project #####\")\nparams = @@{project_items}@@\nbuild_project(**params) ","eval_variables":["project_details","account_details","user_details","group_details","ROLE_DEVELOPER_UUID","ROLE_ADMIN_UUID","ROLE_OPERATOR_UUID","ROLE_CONSUMER_UUID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Tunnel for VPC","attrs":{"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_user = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_account_uuid():\n account = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%account},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if account in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account: \n account_uuid = new_data['metadata']['uuid']\n return account_uuid\n else:\n print(\"Error : %s account not present on %s\"%(account,PC_IP))\n exit(1) \n \ndef get_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate Idempotence UUID.\")\n exit(1)\n \n #account_uuid = get_account_uuid()\n \n return (\n {\"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\": \"network_group_tunnel\"\n },\n \"spec\": {\n \"resources\": {\n \"platform_vpc_uuid_list\": [\n params[\"vpc_uuid\"]\n ],\n \"tunnel_reference\": {\n \"kind\": \"tunnel\",\n \"uuid\": _uuid,\n \"name\": params[\"tunnel_name\"]\n },\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params[\"account_uuid\"]\n },\n \"tunnel_vm_spec\": {\n \"vm_name\": params[\"tunnel_name\"]+\"_\"+params[\"vpc_name\"]+\"_TunnelVM\",\n \"subnet_uuid\": params[\"overlay_subnet_uuid\"],\n \"cluster_uuid\": params[\"cluster_uuid\"]\n }\n },\n \"name\": params[\"tunnel_name\"]\n }\n })\n\ndef create_tunnel(**params):\n payload = get_spec(**params)\n url = _build_url(scheme=\"https\",\n resource_type=\"network_groups\/tunnels\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_user,pc_password),\n timeout=None, verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = 'PENDING'\n while state == \"PENDING\":\n _uuid = data.json()[\"request_id\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_user, pc_password),\n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error occured ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', \n responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"SUCCEEDED\"\n else:\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nvpc = @@{vpc_details}@@\n#account = @@{account_details}@@\noverlay_subnet = @@{overlay_subnet_details}@@\nparams = {\"vpc_name\" : vpc[\"name\"],\n \"vpc_uuid\" : vpc[\"uuid\"],\n \"account_name\" : \"@@{account_name}@@\".strip(),\n \"account_uuid\" : get_account_uuid(),\n \"overlay_subnet_uuid\" : overlay_subnet[\"uuid\"],\n \"cluster_uuid\" : \"@@{cluster_uuid}@@\",\n \"tunnel_name\" : \"@@{tenant_name}@@_VPC_Tunnel\"\n }\ncreate_tunnel(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Set Quota","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef cluster_details(cluster=None):\n cluster_name = \"@@{cluster_name}@@\".strip()\n if cluster != None:\n cluster_name = cluster\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n return(str(_cluster['metadata']['uuid']))\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef add_quotas(account,**params):\n if params.get(\"quotas\", \"None\") != \"None\":\n memory = 0\n disk = 0\n vcpus = 0\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n memory = mem_gb\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n disk = storage_gb\n if resource.get(\"vcpu\", 0) != 0:\n vcpus = resource['vcpu']\n \n cluster_uuid = \"@@{cluster_uuid}@@\"\n project_details = @@{project_details}@@\n account_details = @@{account_details}@@\n entities = {}\n entities[\"account\"]=account_details['uuid']\n entities[\"cluster\"]=cluster_uuid\n entities[\"project\"]=project_details['uuid']\n\n if not account:\n entities = {\"project\": project_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n _uuid = data.json()['uuid_list'][0]\n payload = ({\n \"metadata\": {\n \"kind\": \"quota\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"name\": project_details['name'],\n \"uuid\": project_details['uuid']\n },\n \"uuid\": _uuid\n },\n \"spec\": {\n \"resources\": {\n \"data\": {\n \"disk\": disk,\n \"vcpu\": vcpus,\n \"memory\": memory\n },\n \"entities\": entities,\n \"metadata\": {},\n \"uuid\": _uuid\n }\n }})\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\".format(PC_IP)\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n else:\n print(\"Quota not set for project %s\"%project_details['name'])\n \n enable_quota_state(account_details['uuid'], project_details['uuid'])\n \ndef enable_quota_state(account, project):\n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"account\":account,\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username,pc_username), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nif (@@{project_vcpu}@@ != 0) or (@@{project_memory}@@ != 0) or (@@{project_disk_size}@@ != 0):\n params = @@{project_items}@@\n add_quotas(account=False,**params)\n params = @@{account_items}@@\n add_quotas(account=True,**params)\nelse:\n print(\"Info : Not setting Projects Quota, All Quota values are zero.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Environment","attrs":{"exit_status":[],"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_cluster_account_uuid():\n cluster_uuid = \"@@{cluster_uuid}@@\".strip()\n account_name = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",host=\"localhost\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\",\"length\": 250},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching account details. -->\", data.json())\n exit(1)\n\n if account_name in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account_name:\n for _account in new_data[\"status\"][\"resources\"][\"data\"][\"cluster_account_reference_list\"]:\n if _account[\"resources\"][\"data\"][\"cluster_uuid\"] == cluster_uuid:\n return _account[\"uuid\"]\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n else:\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n\ndef _get_spec():\n tenantuuid = \"@@{tenant_uuid}@@\"\n account = get_cluster_account_uuid()\n print(\"Cluster account uuid : \",account)\n project_account = @@{account_details}@@\n project = @@{project_details}@@\n vpc_details = @@{vpc_details}@@\n project_subnet = @@{overlay_subnet_details}@@\n env_memory = (@@{project_memory}@@ \/ 2) * 1024\n subnet_references = []\n\n connection_type = \"POWERSHELL\"\n connection_port = 5985\n connection_protocol = \"http\"\n if \"@@{environment_os}@@\" == \"Linux\":\n connection_type = \"SSH\"\n connection_port = 22\n connection_protocol = \"\"\n\n nic_list = []\n nics = {}\n nics['subnet_reference'] = {'uuid': project_subnet[\"uuid\"]}\n subnet_references.append({'uuid': project_subnet[\"uuid\"]})\n nic_list.append(nics)\n\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 2,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n creds_uuid = \"\"\n substrate_uuid = \"\"\n if data.ok:\n creds_uuid = data.json()['uuid_list'][0]\n substrate_uuid = data.json()['uuid_list'][1]\n\n _creds_type = \"@@{credential_type}@@\"\n credential_definition_list = [\n \t\t{\n \t\t\"name\": \"@@{tenant_name}@@_cred\",\n \t\t\"type\": _creds_type,\n \t\t\"username\": \"@@{credential_username}@@\".strip(),\n \t\t\"secret\": {\n \t\t\"attrs\": {\n \t\t\"is_secret_modified\": True,\n \t\"secret_reference\" : {}\n \t\t},\n \t\t\"value\": \"\"\"@@{password_or_key}@@\"\"\"\n \t\t},\n \t\t\"uuid\": creds_uuid\n \t\t}]\n\n if _creds_type == \"KEY\":\n _pass = {\"passphrase\": {\n \"attrs\": {\n \"is_secret_modified\": True,\n },\n \"value\": \"@@{prism_central_passwd}@@\".strip()\n }\n }\n credential_definition_list[0].update(_pass)\n\n gpu_list = []\n disk_list = []\n boot_type = \"LEGACY\"\n boot_adapter = \"SCSI\"\n image_uuid = \"\"\n boot_index = 0\n boot_adapter = \"SCSI\"\n url = _build_url(scheme=\"https\",host=\"@@{PC_IP}@@\".strip(), resource_type=\"\/images\/list\")\n data = requests.post(url, json={\"kind\":\"image\", \"filter\":\"name==%s\"%\"@@{image_name}@@\".strip()},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()[\"metadata\"][\"total_matches\"] == 1:\n image_uuid = data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"There are '%s' total images with name - @@{image_name}@@\"%(\\\n data.json()[\"metadata\"][\"total_matches\"]))\n exit(1)\n else:\n print(\"Error -- %s Image not present on %s\"%(\"@@{image_name}@@\", PC_IP))\n disk_list.append({\n \"data_source_reference\": {\n \"kind\": \"image\",\n \"name\": \"@@{image_name}@@\".strip(),\n \"uuid\": image_uuid\n },\n \"device_properties\": {\n \"device_type\": \"DISK\",\n \"disk_address\": {\n \"device_index\": 0,\n \"adapter_type\": \"SCSI\"\n }\n }\n })\n\n serial_port = []\n serial_port.append({\"index\": 0, \"is_connected\": True})\n\n return ({\n \t\t\"api_version\": \"3.0\",\n \t\t\"metadata\": {\n \t\t\"kind\": \"environment\",\n \t\t\"project_reference\": {\n \t\t\"kind\": \"project\",\n \t\t\"name\": project['name'],\n \t\t\"uuid\": project['uuid']\n \t\t}\n \t\t},\n \t\t\"spec\": {\n \t\t\"name\": project['name']+\"_Environment\",\n \t\t\"description\": tenantuuid+project['name'],\n \t\t\"resources\": {\n \t\t\"substrate_definition_list\": [\n \t\t{\n \t\t\"variable_list\": [],\n \t\t\"type\": \"AHV_VM\",\n \t\t\"os_type\": \"@@{environment_os}@@\",\n \t\t\"action_list\": [],\n \t\t\"create_spec\": {\n \t\t\"name\": project['name']+\"_VM_@@{calm_random}@@\",\n \"categories\": {},\n \"cluster_reference\": {\n \"kind\": \"cluster\",\n \"name\": \"@@{cluster_name}@@\".strip(),\n \"uuid\": \"@@{cluster_uuid}@@\".strip()\n },\n \t\t\"resources\": {\n \t\t\"disk_list\": disk_list,\n \"gpu_list\": gpu_list,\n \"serial_port_list\": serial_port,\n \t\t\"nic_list\": nic_list,\n #\"power_state\": \"ON\",\n \t\t\"boot_config\": {\n \t\t\"boot_device\": {\n \t\t\"disk_address\": {\n \t\t\"device_index\": boot_index,\n \t\t\"adapter_type\": boot_adapter\n \t\t}\n \t\t},\n \t\t\"boot_type\": boot_type\n \t\t},\n \t\t\"num_sockets\": 2,\n \t\t\"num_vcpus_per_socket\": 1,\n \t\t\"memory_size_mib\": env_memory,\n \t\t\"account_uuid\": account\n\n \t\t},\n \t\t\"categories\": {\"TenantName\":\"@@{tenant_name}@@\".strip()}\n \t\t},\n \t\t\"readiness_probe\": {\n \t\t\"disable_readiness_probe\": True,\n \t\t\"connection_type\": connection_type,\n \t\t\"connection_port\": connection_port,\n \"connection_protocol\": connection_protocol,\n \"delay_secs\": \"5\",\n \t\t\"login_credential_local_reference\": {\n \t\t\"kind\": \"app_credential\",\n \t\t\"uuid\": creds_uuid\n \t\t},\n \"address\": \"\"\n \t\t},\n \t\t\"name\": \"@@{tenant_name}@@\".strip(),\n \"uuid\": substrate_uuid\n \t\t}\n \t\t],\n \t\t\"credential_definition_list\": credential_definition_list,\n \t\t\"infra_inclusion_list\": [\n \t\t{\n \t\t\"account_reference\": {\n \t\t\"uuid\": project_account['uuid'],\n \t\t\"kind\": \"account\"\n \t\t},\n \t\t\"type\": \"nutanix_pc\",\n \t\t\"subnet_references\": subnet_references,\n \t\t\"default_subnet_reference\": subnet_references[0],\n \"vpc_references\": [{\"uuid\":vpc_details[\"uuid\"]}],\n \"cluster_references\": [{\"uuid\":\"@@{cluster_uuid}@@\"}]\n \t\t}\n \t\t]\n \t\t}\n \t\t}})\n\ndef create_env():\n payload = _get_spec()\n guest_customization = {}\n if \"\"\"@@{guest_customization_script}@@\"\"\".lower() not in [\"\".strip(), \"none\", \"na\"]:\n if \"@@{environment_os}@@\" == \"Windows\":\n guest_customization = {\"sysprep\":{\"install_type\": 'FRESH',\n \"unattend_xml\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n else:\n guest_customization = {\"cloud_init\":{\"user_data\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n payload['spec']['resources']['substrate_definition_list'][0]['create_spec']\\\n ['resources']['guest_customization'] = guest_customization\n\n url = _build_url(scheme=\"https\",host=\"localhost\", resource_type=\"\/environments\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username,management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while creating environment ---> \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n return {\"uuid\": data.json()['metadata']['uuid'],\n \t\t\t\"name\":payload['spec']['name'],\n \"default\": True}\nenvironment = {}\nif \"@@{create_environment}@@\".lower() == \"yes\":\n environment = create_env()\nprint(\"environment_details={}\".format(environment))\n","eval_variables":["environment_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Update Project","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_spec(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n return data.json()\n \ndef update_project(**params):\n project = @@{project_details}@@\n project_items = @@{project_items}@@\n payload = _get_spec(project['uuid'])\n for x in ['categories', 'categories_mapping', 'creation_time', 'last_update_time', 'owner_reference']:\n del payload['metadata'][x]\n del payload['status']\n payload['spec']['access_control_policy_list'][0]['operation'] = \"UPDATE\"\n #payload['spec']['access_control_policy_list'][0]['acp']\\\n # ['resources']['filter_list']['context_list'][0]\\\n # ['scope_filter_expression_list'][0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][1]['entity_filter_expression_list']\\\n # [4]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][2]['scope_filter_expression_list']\\\n # [0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n environment_details = @@{environment_details}@@\n payload['spec']['project_detail']['resources']['environment_reference_list'] = []\n if \"@@{create_environment}@@\".lower() == \"yes\":\n payload['spec']['project_detail']['resources']\\\n ['environment_reference_list'].append({\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']})\n payload['spec']['project_detail']['resources']\\\n [\"default_environment_reference\"] = {\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project['uuid']))\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n task = wait_for_completion(data) \n print(\"Project %s updated successfully\"%project['name'])\n else:\n print(\"Error while updating project : %s\"%data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error in project update ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Error in project update ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nparams = @@{project_items}@@\nupdate_project(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Protection Policy","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_policy_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False) \n _uuid = \"\"\n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate UUID for app_protection_rule\")\n exit(1)\n return (\n {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"app_protection_policy\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"uuid\": params['project_uuid']\n }\n },\n \"spec\": {\n \"name\": \"Snapshot_Policy_@@{tenant_name}@@\",\n \"description\": \"\",\n \"resources\": {\n \"is_default\": True,\n \"ordered_availability_site_list\": [\n {\n \"environment_reference\": {\n \"kind\": \"environment\",\n \"uuid\": params['environment']\n },\n \"infra_inclusion_list\": {\n \"type\": \"nutanix_pc\",\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params['account_uuid']\n },\n \"cluster_references\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": params['cluster_uuid']\n }\n ]\n }\n }\n ],\n \"app_protection_rule_list\": [\n {\n \"name\": \"Protection_rule_@@{tenant_name}@@\",\n \"enabled\": True,\n \"local_snapshot_retention_policy\": {\n \"snapshot_expiry_policy\": {\n \"multiple\": 0\n }\n },\n \"first_availability_site_index\": 0,\n \"second_availability_site_index\": 0,\n \"uuid\": _uuid\n }\n ]\n }\n }\n })\n\ndef protection_policy(**params):\n payload = get_policy_spec(**params)\n url = \"https:\/\/%s:9440\/api\/calm\/v3.0\/app_protection_policies\"%PC_IP\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n #print(\"protection_policy_uuid={}\".format(data.json()[\"metadata\"][\"uuid\"]))\n #print(\"protection_rule_uuid={}\".format(data.json()[\"spec\"]\\\n # [\"resources\"][\"app_protection_rule_list\"][0][\"uuid\"]))\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Failed to create Snapshot Policy ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Failed to create Snapshot Policy ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \nparams = {}\nproject = @@{project_details}@@\nenvironment = @@{environment_details}@@\naccount = @@{account_details}@@\n\nparams['project_uuid'] = project['uuid']\nparams['environment'] = environment.get('uuid', None)\nparams['account_uuid'] = account['uuid']\nparams['cluster_uuid'] = \"@@{cluster_uuid}@@\"\n\nif environment:\n protection_policy(**params)\n print(\"Snapshot Policy Created Successfully.\")\nelse:\n print(\"Add environments to start creating snapshot policies.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"a4e81cce_runbook","main_task_local_reference":{"kind":"app_task","name":"8ee0af0e_dag"},"variable_list":[{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"management_pc_username","value":"admin","label":"Management PC Username","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"management_pc_password","value":"Jt\/5t4Ec4o3hdOM72neucLgdMZ7nrdtaagG7c3FRbE2I0ndjDCOZgc3Fow==:utf-8","label":"Management PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":""},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"tenant_name","value":"uat1","label":"Tenant Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Click \"yes\" to cleanup any previous failed setup.","data_type":"BASE","type":"LOCAL","name":"delete_existing","value":"Yes","label":"Delete Existing setup","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.44.46.56","data_type":"BASE","type":"LOCAL","name":"PC_IP","value":"10.44.76.167","label":"Workload PC IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^.*$"},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_username","value":"oWbgimo75HYbAc7VkHqDgvvtZpN0neOoWCjDVZ3I7RQfnS1ltQ==:utf-8","label":"Workload PC Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_passwd","value":"92dRk85kM5r\/Iyezi+TD4keev7\/VfAnFNjCt9zaLRd09cNWd\/8DuYl6F3g==:utf-8","label":"Workload PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- ldap:\/\/10.46.8.66:389","data_type":"BASE","type":"LOCAL","name":"active_directory_url","value":"ldap:\/\/10.46.8.66:389","label":"Active Directory URL","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- corp.company.ca","data_type":"BASE","type":"LOCAL","name":"active_directory_domain","value":"qa.nucalm.io","label":"Active Directory Domain Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"active_directory_user","value":"3KAFUML\/PaNddBr5+vCu5TDAhrqS3kAtt\/iIg5vBshcGSmEb1+oqkVd+d4EjyyPxmjJ43pePZWXB9Q==:utf-8","label":"Active Directory Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"active_directory_password","value":"dotebfFtbXuJMvJd1KUpsGIMiKfIeBJRZD486bfoD75XZYSdZ76+rALm:utf-8","label":"Active Directory Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- pjadmin@corp.company.ca","data_type":"BASE","type":"LOCAL","name":"project_admin_user","value":"ssptest1@qa.nucalm.io","label":"Project Admin","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"cluster_name","value":"auto_cluster_prod_f38da47d51f4","label":"Cluster Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"virtual_switch","value":"vs0","label":"Virtual Switch Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_vlan_id","value":"49","label":"External VLAN ID","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.0\/24","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip","value":"10.44.44.0\/24","label":"External Subnet IP with Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Enter Start IP followed by End IP. Example :- 10.20.30.2-10.20.30.10","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip_pool","value":"10.44.44.2-10.44.44.10","label":"External Subnet IP Pool Range","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.1","data_type":"BASE","type":"LOCAL","name":"external_subnet_gateway_ip","value":"10.44.44.1","label":"External Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_subnet_nat","value":"True","label":"External Subnet NAT","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.10.10.0\/24","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_ip","value":"10.20.10.0\/24","label":"Overlay Subnet IP With Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_gateway_ip","value":"10.20.10.1","label":"Overlay Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"account_name","value":"policy_account","label":"Account Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_vcpu","value":"6","label":"Quota : vCPUs ","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_memory","value":"12","label":"Quota : Memory in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_disk_size","value":"50","label":"Quota : Disk Size in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"allow_collaboration","value":"True","label":"Allow Project Collaboration","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"create_environment","value":"Yes","label":"Create Project Environment with Default Values","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"environment_os","value":"Linux","label":"Environment operating system","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Linux","Windows"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"image_name","value":"Centos7HadoopMaster","label":"Image Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":false,"description":"Should be base64 encoded for Linux and XML for Windows.","data_type":"BASE","type":"LOCAL","name":"guest_customization_script","value":"I2Nsb3VkLWNvbmZpZwp1c2VyczoKICAtIG5hbWU6IG51dGFuaXgKICAgIHNzaC1hdXRob3JpemVkLWtleXM6CiAgICAgIC0gc3NoLXJzYSBLRVkKICAgIHN1ZG86IFsnQUxMPShBTEwpIE5PUEFTU1dEOkFMTCddCiAgICBncm91cHM6IHN1ZG8KICAgIHNoZWxsOiAvYmluL2Jhc2gKCnBhY2thZ2VzOgogIC0gaHR0cGQ=","label":"Guest Customization Script","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_username","value":"root","label":"Environment Credential Username","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_type","value":"KEY","label":"Credential Type","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["PASSWORD","KEY"]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"password_or_key","value":"-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS\n1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQR9WZPeBSvixkhjQOh9yCXXlEx5CN9M\nyh94CJJ1rigf8693gc90HmahIR5oMGHwlqMoS7kKrRw+4KpxqsF7LGvxAAAAqJZtgRuWbY\nEbAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH1Zk94FK+LGSGNA\n6H3IJdeUTHkI30zKH3gIknWuKB\/zr3eBz3QeZqEhHmgwYfCWoyhLuQqtHD7gqnGqwXssa\/\nEAAAAgBzKpRmMyXZ4jnSt3ARz0ul6R79AXAr5gQqDAmoFeEKwAAAAOYWpAYm93aWUubG9j\nYWwBAg==\n-----END OPENSSH PRIVATE KEY-----","label":"Password Or Key","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}}]}},"name":"Tenant Onboarding with AD"},"api_version":"3.0","metadata":{"last_update_time":"1717565382366793","kind":"runbook","spec_version":1,"creation_time":"1717565328745911","name":"Tenant Onboarding with AD"}} diff --git a/Tenant_onboarding/Tenant Onboarding with IDP.json b/Tenant_onboarding/Tenant Onboarding with IDP.json index 75583ca..63d29c7 100644 --- a/Tenant_onboarding/Tenant Onboarding with IDP.json +++ b/Tenant_onboarding/Tenant Onboarding with IDP.json @@ -1 +1 @@ -{"status":{},"contains_secrets":true,"product_version":"3.6.2","spec":{"description":"","resources":{"endpoints_information":[],"endpoint_definition_list":[],"client_attrs":{},"credential_definition_list":[],"runbook":{"task_definition_list":[{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[{"kind":"app_task","name":"Precheck Validation"},{"kind":"app_task","name":"Generate Tenant UID"},{"kind":"app_task","name":"Create Categories"},{"kind":"app_task","name":"Create IDP"},{"kind":"app_task","name":"Create External Subnet"},{"kind":"app_task","name":"Create VPC"},{"kind":"app_task","name":"Create Overlay Subnet"},{"kind":"app_task","name":"Create Project"},{"kind":"app_task","name":"Create Tunnel for VPC"},{"kind":"app_task","name":"Set Quota"},{"kind":"app_task","name":"Create Environment"},{"kind":"app_task","name":"Update Project"},{"kind":"app_task","name":"Create Protection Policy"}],"name":"8ee0af0e_dag","attrs":{"edges":[{"from_task_reference":{"kind":"app_task","name":"Precheck Validation"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Generate Tenant UID"}},{"from_task_reference":{"kind":"app_task","name":"Create External Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Categories"}},{"from_task_reference":{"kind":"app_task","name":"Create Environment"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Update Project"}},{"from_task_reference":{"kind":"app_task","name":"Set Quota"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Environment"}},{"from_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Set Quota"}},{"from_task_reference":{"kind":"app_task","name":"Create IDP"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create External Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create IDP"}},{"from_task_reference":{"kind":"app_task","name":"Create Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Project"}},{"from_task_reference":{"kind":"app_task","name":"Update Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Protection Policy"}}],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Precheck Validation","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\nmgmt_pc_username = \"@@{prism_central_username}@@\".strip()\nmgmt_pc_password = \"@@{management_pc_password}@@\".strip()\nskip_delete = False\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_cluster_details(cluster_name):\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n print(\"cluster_uuid={}\".format(_cluster['metadata']['uuid']))\n return str(_cluster['metadata']['uuid'])\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name, cluster_uuid): \n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_subnet_uuid(subnet, delete=False):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\", \"filter\":\"name==%s\"%subnet},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(subnet, PC_IP))\n skip_delete = True\n if not delete:\n exit(1)\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one subnets with name - %s on - %s\"%(subnet, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching subnet details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef get_subnet_details(_uuid):\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/%s\"%_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching project subnet details.\")\n print(data.json().get('message_list',\\\n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"project_subnet_address={}\".format(data.json()['spec']\\\n ['resources']['ip_config']['pool_list'][0]['range'].split( )[-1]))\n \ndef _get_vpc_uuid(vpc_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/vpcs\/list\")\n data = requests.post(url, json={\"kind\":\"vpc\", \"filter\":\"name==%s\"%vpc_name},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(vpc_name, PC_IP))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one VPC's with name - %s on - %s\"%(vpc_name, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching VPC details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_project_uuid(project_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/projects\/list\", host = \"localhost\")\n data = requests.post(url, json={\"kind\":\"project\", \"filter\":\"name==%s\"%project_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(project_name, \"Management PC\"))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one projects with name - %s on - %s\"%(project_name, \"Management PC\"))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching project details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_tunnel_uuid(tunnel_name):\n global skip_delete\n tunnel_state = [\"CONNECTING\",\"NOT_VALIDATED\" ]\n url = _build_url(scheme=\"https\",resource_type=\"\/tunnels\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"tunnel\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one tunnel with name - %s\"%(tunnel_name))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n elif data.json()['entities'][0]['status']['state'] in tunnel_state:\n print(\"tunnel is in NOT_VALIDATED,Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n tunnel_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return tunnel_uuid\n else:\n print(\"Error while fetching tunnel details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_network_group_uuid(tunnel_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/network_groups\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"network_group\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n else:\n skip_delete = False\n group_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return group_uuid\n else:\n print(\"Error while fetching network group details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef delete_project_environment(project_name):\n print(\"Fetching project environments information...\")\n project_name = project_name.strip()\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/list\")\n data = requests.post(url, json={\"kind\":\"environment\"},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n uuid_list = []\n if data.ok:\n if data.json()[\"metadata\"] > 0:\n for _env in data.json()[\"entities\"]:\n if \"project_reference\" in _env[\"metadata\"].keys():\n if _env[\"metadata\"][\"project_reference\"][\"name\"] == project_name:\n uuid_list.append(_env[\"metadata\"][\"uuid\"])\n else:\n print(\"Info : No environment found on localhost\")\n else:\n print(\"Failed to fetch environment details.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n for _uuid in uuid_list:\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/%s\"%_uuid)\n data = requests.delete(url,auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if \"Environment with uuid %s deleted\"%_uuid not in data.json()[\"description\"]:\n print(\"Failed to project environment.\",data.json())\n exit(1)\n else:\n print(\"Error while deleting project environment.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n if uuid_list != []:\n print(\"%s Project environment with %s uuid's deleted successfully.\"%(project_name, uuid_list))\n\ndef wait_for_completion(data):\n if data.ok:\n state = data.json().get('status', None).get('state', None)\n while state == \"DELETE_PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json().get('status', None) in ['DELETE_PENDING']:\n state = 'DELETE_PENDING'\n sleep(5) \n elif responce.json().get('status', None) == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\" \n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_ip(IP):\n ip_list = IP.split(\".\")\n gatewat_digit = int(ip_list[-1]) + 1\n start_digit = gatewat_digit + 1\n end_digit = start_digit + 50\n gateway_ip = ip_list[:3]\n gateway_ip.append(str(gatewat_digit))\n gateway_ip = \".\".join(gateway_ip)\n start_ip = ip_list[:3]\n start_ip.append(str(start_digit))\n start_ip = \".\".join(start_ip)\n end_ip = ip_list[:3]\n end_ip.append(str(end_digit))\n end_ip = \".\".join(end_ip)\n return (gateway_ip, start_ip, end_ip)\n \nexternal_subnet_items = {}\nvpc_items = {}\noverlay_subnet_items = {}\nproject_items = {}\nidp_items = {}\naccount_items = {}\ntunnel_items = {}\n\ntenant = \"@@{tenant_name}@@\".strip()\ncluster = \"@@{cluster_name}@@\".strip()\ncluter_uuid = _get_cluster_details(cluster)\nexternal_subnet = \"@@{external_subnet_ip}@@\".strip()\nexternal_subnet_ip, external_subnet_prefix= external_subnet.split(\"\/\")\nexternal_subnet_items['name'] = \"@@{tenant_name}@@_External_Subnet\"\nexternal_subnet_items['cluster'] = cluster\nexternal_subnet_items['enable_nat'] = @@{external_subnet_nat}@@\nexternal_subnet_items['virtual_switch_name'] = \"@@{virtual_switch}@@\".strip()\n_uuid = _get_virtual_switch_uuid(external_subnet_items['virtual_switch_name'], cluter_uuid)\nexternal_subnet_items['gateway_ip'] = \"@@{external_subnet_gateway_ip}@@\".strip()\nexternal_subnet_items['network_ip'] = external_subnet_ip\nexternal_subnet_items['prefix'] = int(external_subnet_prefix)\nIP_POOL = \"@@{external_subnet_ip_pool}@@\".strip().split(\"-\")\nexternal_subnet_items['ip_pools'] = {\"range\":\"%s %s\"%(IP_POOL[0],IP_POOL[1])}\n\nvpc_items['name'] = \"@@{tenant_name}@@_VPC\"\nvpc_items['external_subnet_name'] = external_subnet_items['name']\ntunnel_items['name'] = \"@@{tenant_name}@@_VPC_Tunnel\"\n\noverlay_subnet = \"@@{overlay_subnet_ip}@@\".strip()\noverlay_subnet_ip, overlay_subnet_prefix = overlay_subnet.split(\"\/\")\noverlay_subnet_items['subnet_name'] = \"@@{tenant_name}@@_Overlay_Subnet\"\noverlay_subnet_items['vpc_name'] = vpc_items['name']\noverlay_subnet_items['network_ip'] = overlay_subnet_ip\noverlay_subnet_items['prefix'] = int(overlay_subnet_prefix)\noverlay_subnet_items['gateway_ip'] = \"@@{overlay_subnet_gateway_ip}@@\".strip()\nIP = _get_ip(overlay_subnet_ip)\noverlay_subnet_items['ip_pool'] = [{\"ip_pools_start_ip\":IP[1], \n \"ip_pools_end_ip\":IP[2]}]\nprint(\"project_subnet_address={}\".format(IP[2]))\n\nidp_items['name'] = \"Tenant_{}_IDP\".format(\"@@{tenant_name}@@\".strip())\n#idp_items['metadata'] = \"@@{idp_metadata}@@\".strip()\n\nadmin_user = \"@@{project_admin_user}@@\".strip()\nproject_subnet_uuid = \"\"\nproject_items['name'] = \"{}_project\".format(tenant)\nproject_items['tenant_users'] = [{\"admin\": [\"{}\".format(admin_user)]}]\nproject_items['accounts'] = \"@@{account_name}@@\".strip()\nproject_items['allow_collaboration'] = False\n#project_subnet = \"@@{project_subnet_uuid}@@\"\n#get_subnet_details(project_subnet)\n#print(\"project_subnet_uuid={}\".format(project_subnet))\n#project_items['subnets'] = [\"{}\".format(project_subnet)]\nproject_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\naccount_items['cluster'] = cluster\naccount_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\nprint(\"external_subnet_items={}\".format(external_subnet_items))\nprint(\"vpc_items={}\".format(vpc_items))\nprint(\"overlay_subnet_items={}\".format(overlay_subnet_items))\nprint(\"project_items={}\".format(project_items))\nprint(\"idp_items={}\".format(idp_items))\nprint(\"account_items={}\".format(account_items))\nprint(\"Tunnel_items={}\".format(tunnel_items))\n\n\ndef _delete(type, uuid, **params):\n if(params.get(\"host\",None)):\n host = params['host']\n else:\n host = PC_IP\n url = _build_url(scheme=\"https\",host=host,resource_type=\"\/%s\/%s\"%(type,uuid))\n if(params.get(\"username\",None)):\n user_name = params['username']\n else:\n user_name = pc_username\n\n if(params.get(\"password\",None)):\n pass_word = params['password']\n else:\n pass_word = pc_password\n \n data = requests.delete(url, auth=HTTPBasicAuth(user_name, pass_word),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Failed to delete existing %s with uuid %s.\"%(type, uuid))\n print(\"Error :- \",data.json())\n exit(1)\n else:\n wait_for_completion(data)\n \nif \"@@{delete_existing}@@\".lower() == \"yes\":\n _group_uuid = _get_network_group_uuid(tunnel_name=tunnel_items['name'])\n _tunnel_uuid = _get_tunnel_uuid(tunnel_name=tunnel_items['name'])\n if skip_delete == False:\n _delete(type=\"network_groups\/{}\/tunnels\".format(_group_uuid),uuid=_tunnel_uuid, username=mgmt_pc_username, password=mgmt_pc_password, host = \"localhost\")\n sleep(5)\n \n _uuid = _get_project_uuid(project_items['name'])\n\n if skip_delete == False:\n delete_project_environment(project_items['name'])\n _delete(type=\"projects\", uuid=_uuid, host=\"localhost\", username=mgmt_pc_username, password=mgmt_pc_password)\n \n _uuid = _get_subnet_uuid(subnet=overlay_subnet_items['subnet_name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_vpc_uuid(vpc_items['name'])\n if skip_delete == False:\n _delete(type=\"vpcs\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_subnet_uuid(subnet=external_subnet_items['name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)","eval_variables":["external_subnet_items","vpc_items","overlay_subnet_items","project_items","idp_items","account_items","cluster_uuid","project_subnet_uuid","project_subnet_address"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Generate Tenant UID","attrs":{"exit_status":[],"script":"uid = uuid.uuid4()\nprint(\"UID={}\".format({\"tenant_uuid\":'%s'%uid}))\n","eval_variables":["UID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Categories","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\n\ntenant = @@{UID}@@\nCategoryName = \"TenantName\"\nvalue = \"@@{tenant_name}@@\".strip()\ndescription = \"Tenant Onboarding category for %s\"%value\n\nbase_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/categories'.format(PC_IP)\npayload = {\n \"name\": CategoryName,\n \"description\": description,\n# \"capabilities\": {\n# \"cardinality\": 64\n# }\n }\n\napi_url = base_url + '\/' + CategoryName\n\nr = requests.put(api_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif not r.ok:\n print(\"PUT request failed\", r.content)\n exit(1)\n\nbatch_url = \"https:\/\/{}:9440\/api\/nutanix\/v3\/batch\".format(PC_IP)\n\npayload = {\"action_on_failure\":\"CONTINUE\",\n \"execution_order\":\"NON_SEQUENTIAL\",\n \"api_request_list\":[\n {\n \"operation\":\"PUT\",\n \"path_and_params\":\"\/api\/nutanix\/v3\/categories\/{}\/{}\".format(CategoryName, value),\n \"body\":{\n \"value\":value,\n \"description\":description\n }\n }\n ],\n \"api_version\":\"3.0\"}\n\nr = requests.post(batch_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif r.ok:\n print(\"Category created: {}\".format(CategoryName))\n print(\"category_details={}\".format(r.content))\nelse:\n print(\"Failed to create category - %s\"%CategoryName)\n print(r.content)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create IDP","attrs":{"exit_status":[],"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username =\"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\n#roles = ROLE_CLUSTER_VIEWER, ROLE_USER_ADMIN, ROLE_CLUSTER_ADMIN\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json().get('status', None).get('state', None)\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef get_spec():\n return ({\n \"spec\":{\n \"name\":\"@@{idp_name}@@\",\n \"resources\":{\n \"idp_metadata\":\"\"}},\n \"metadata\":{\n \"kind\":\"identity_provider\"\n },\n \"api_version\":\"3.1.0\"\n })\n\ndef identity_providers():\n payload = get_spec()\n payload[\"spec\"][\"resources\"][\"idp_metadata\"] = \"\"\"@@{idp_metadata}@@\"\"\"\n url = _build_url(scheme=\"https\",\n resource_type=\"\/identity_providers\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n print(\"======================================\")\n print(payload)\n print(data.json())\n wait_for_completion(data)\n\n idp_uuid = data.json()[\"metadata\"][\"uuid\"]\n print(\"idp_details={}\".format({\"name\":\"@@{idp_name}@@\",\n \"uuid\":idp_uuid}))\n return idp_uuid\n \n \ndef create_role_mapping(idp_uuid):\n query_string = \"&entityType=USER&role=ROLE_CLUSTER_VIEWER\"\n url = \"https:\/\/%s:9440\/PrismGateway\/services\/rest\/v1\/\"\\\n \"authconfig\/identity_providers\/%s\/role_mappings?%s\"%(PC_IP,\n idp_uuid,\n query_string)\n payload = {\"role\":\"ROLE_CLUSTER_VIEWER\",\"entityType\":\"USER\",\n \"idpUuid\":idp_uuid,\n \"entityValues\":[\"idpuser10@calmsaastest.com\"]}\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error :- \",data.json())\n exit(1)\n print(data.json())\n\nidp_details = {}\nurl = _build_url(scheme=\"https\",\n resource_type=\"\/identity_providers\/list\")\ndata = requests.post(url, json={\"kind\": \"identity_provider\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\ntotal_match = data.json()[\"metadata\"]['total_matches']\nif total_match > 0:\n for x in data.json()['entities']:\n if x['status']['resources']['idp_properties']['idp_url'] in '''@@{idp_metadata}@@''':\n idp_details[\"uuid\"] = x['metadata']['uuid']\n idp_details['name'] = x['status']['name']\n\nparams = set\nif not idp_details.get('uuid',None):\n idp_uuid = identity_providers()\n idp_details['idp_uuid'] = idp_uuid\n idp_details['name'] = \"Tenant_{}_IDP\".format(\"@@{tenant_name}@@\".strip())\n #create_role_mapping(idp_uuid)\nprint(\"idp_details={}\".format(idp_details))","eval_variables":["idp_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create External Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_cluster_details(cluster_name):\n cluster_details = {'kind':'cluster'}\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n cluster_details['uuid'] = str(_cluster['metadata']['uuid'])\n return cluster_details\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name):\n cluster = \"@@{cluster_name}@@\".strip()\n _cluster = _get_cluster_details(cluster)\n cluster_uuid = _cluster['uuid']\n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n pools.append(params[\"ip_pools\"])\n ipam_spec[\"pool_list\"] = pools\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef create_external_subnet(**params):\n params['ipam_spec'] = _get_ipam_spec(**params)\n cluster_details = _get_cluster_details(cluster_name=params['cluster_name'])\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"VLAN\"\n payload[\"spec\"][\"resources\"][\"vlan_id\"] = params['vlan_id']\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n payload[\"spec\"][\"cluster_reference\"] = cluster_details\n if params['enable_nat'] == False:\n switch_details = _get_virtual_switch_uuid(params['virtual_switch_name'])\n payload[\"spec\"][\"resources\"][\"virtual_switch_uuid\"] = switch_details\n payload[\"spec\"][\"resources\"][\"is_external\"] = True\n payload[\"spec\"][\"resources\"][\"enable_nat\"] = params['enable_nat']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\")\n while True:\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n if data.ok:\n task_uuid = wait_for_completion(data=data, vlan_id=params['vlan_id'])\n if task_uuid == {}:\n _uuid = data.json()['metadata']['uuid']\n _name = params['name']\n else:\n _uuid = task_uuid[\"uuid\"]\n _name = task_uuid[\"name\"]\n return {\"uuid\": _uuid, \"name\": _name}\n\n elif \"subnet exists with vlan id\" in str(data.json()).lower():\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == params['vlan_id']:\n return {\"uuid\":_subnet['metadata']['uuid'], \"name\":_subnet[\"spec\"][\"name\"]}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%params['vlan_id'])\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Failed to create external subnet ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef wait_for_completion(data, vlan_id=None):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING','QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n if \"subnet exists with vlan id\" in str(responce.json()).lower():\n print(\"Another external subnet exist with sam VLAN ID, fetching details..\")\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == vlan_id:\n return {'uuid':_subnet['metadata']['uuid'],\"name\":_subnet['spec']['name']}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%vlan_id)\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n return {}\n \ndef _get_vlan_id():\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n vlan_id = []\n for x in data.json()['entities']:\n print(x['spec']['resources'])\n vlan_id.append(x['spec']['resources'].get('vlan_id', 0))\n id = 10\n while True:\n if id in vlan_id:\n id+=1\n else:\n break\n return id\n else:\n print(\"Error while fetching subnet list :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\ndef set_params():\n params_dict = @@{external_subnet_items}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n params['enable_nat'] = params_dict.get('enable_nat', False)\n params['cluster_name'] = params_dict.get('cluster', \"None\")\n params['vlan_id'] = @@{external_vlan_id}@@\n params['virtual_switch_name'] = params_dict.get('virtual_switch_name', \"None\")\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict['gateway_ip']\n params['ip_pools'] = params_dict['ip_pools']\n\nparams = {}\nset_params()\nsubnet = create_external_subnet(**params)\nprint(\"external_subnet_details={}\".format(subnet))","eval_variables":["external_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create VPC","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return(\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"vpc\", \"categories\": {}},\n \"spec\": {\n \"name\": None,\n \"resources\": {\n \"external_subnet_list\": []\n },\n },\n })\n\ndef create_vpc(**params):\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n if params.get(\"common_domain_name_server_ip_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"common_domain_name_server_ip_list\"] = \\\n params[\"common_domain_name_server_ip_list\"]\n payload[\"spec\"][\"resources\"][\"external_subnet_list\"] = \\\n params[\"external_subnet_list\"]\n if params.get(\"externally_routable_prefix_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"externally_routable_prefix_list\"] = \\\n params[\"externally_routable_prefix_list\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password ),\n timeout=None, verify=False)\n \n if not data.ok:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n task_uuid = wait_for_completion(data)\n vpc = {\"name\": params['name'], \n \"uuid\":data.json()['metadata']['uuid'],\n \"create_vpc_task_uuid\": task_uuid}\n create_static_route(vpc[\"uuid\"])\n return vpc\n \ndef _get_route_spec(vpc_uuid, subnet_uuid,subnet_name):\n ip_prefix = \"0.0.0.0\/0\"\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n if data.ok:\n responce = data.json()\n del responce[\"status\"]\n for x in [\"last_update_time\",\"creation_time\",\"spec_hash\",\"categories_mapping\",\"owner_reference\",\"categories\"]:\n if x in responce[\"metadata\"].keys():\n del responce[\"metadata\"][x]\n else:\n print(\"Error while fetching VPCs static route details.\")\n exit(1)\n static_route = {\"nexthop\": {\n \"external_subnet_reference\": {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n },\n \"destination\": ip_prefix}\n responce[\"spec\"][\"resources\"][\"static_routes_list\"].append(static_route)\n return responce\n\ndef create_static_route(vpc_uuid):\n subnet = @@{external_subnet_details}@@\n subnet_uuid = subnet[\"uuid\"]\n subnet_name = subnet[\"name\"]\n payload = _get_route_spec(vpc_uuid, subnet_uuid, subnet_name)\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.put(url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid']\n\ndef set_params():\n params = {}\n print(\"##### creating VPC #####\")\n params_dict = @@{vpc_items}@@\n ext_subnet = @@{external_subnet_details}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n if params_dict.get(\"dns_servers\", \"None\") != \"None\":\n params[\"common_domain_name_server_ip_list\"] = [{}]\n params[\"common_domain_name_server_ip_list\"][0]['ip'] = \\\n params_dict.get('dns_servers', 'None')\n params[\"external_subnet_list\"] = [{}]\n if params_dict.get(\"externally_routable_ip\", \"None\") != \"None\":\n params[\"externally_routable_prefix_list\"] = [{}]\n params[\"externally_routable_prefix_list\"][0][\"ip\"] = \\\n params_dict[\"externally_routable_ip\"]\n params[\"externally_routable_prefix_list\"][0][\"prefix_length\"] = \\\n params_dict[\"externally_routable_ip_prefix\"]\n \n if params_dict.get(\"external_subnet_name\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"] = {}\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"kind\"] = \"subnet\"\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"name\"] = \\\n params_dict[\"external_subnet_name\"]\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = ext_subnet[\"uuid\"]\n \n if params_dict.get(\"external_subnet_uuid\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = \\\n params_dict['external_subnet_uuid']\n return params\nparams = set_params()\nvpc_details = create_vpc(**params)\nprint(\"vpc_details={}\".format(vpc_details))","eval_variables":["vpc_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Overlay Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n for ip_pools in params['ip_pool']:\n pools.append({\"range\": \"%s %s\"%(ip_pools['ip_pools_start_ip'], \n ip_pools['ip_pools_end_ip'])}) \n ipam_spec[\"pool_list\"] = pools\n if \"dhcp_options\" in ipam_config:\n dhcp_spec = _get_default_dhcp_spec()\n dhcp_config = ipam_config[\"dhcp_options\"]\n if dhcp_config['domain_name_server_list'] != 'None': \n dhcp_spec[\"domain_name_server_list\"] = dhcp_config[\"domain_name_server_list\"]\n if dhcp_config[\"domain_search_list\"] != 'None':\n dhcp_spec[\"domain_search_list\"] = dhcp_config[\"domain_search_list\"]\n if dhcp_config[\"domain_name\"] != 'None':\n dhcp_spec[\"domain_name\"] = dhcp_config[\"domain_name\"]\n if dhcp_config[\"boot_file_name\"] != 'None':\n dhcp_spec[\"boot_file_name\"] = dhcp_config[\"boot_file_name\"]\n if dhcp_config[\"tftp_server_name\"] != 'None':\n dhcp_spec[\"tftp_server_name\"] = dhcp_config[\"tftp_server_name\"]\n ipam_spec[\"dhcp_options\"] = dhcp_spec\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef _get_default_dhcp_spec():\n return (\n {\n \"domain_name_server_list\": [],\n \"domain_search_list\": [],\n \"domain_name\": \"\",\n \"boot_file_name\": \"\",\n \"tftp_server_name\": \"\",\n }\n )\n\ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid'] \n \ndef create_overlay_subnet():\n params = {}\n print(\"##### Creating Overlay Subnets #####\")\n params_dict = @@{overlay_subnet_items}@@\n params['vpc_name'] = params_dict.get('vpc_name', 'None')\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict.get('gateway_ip', 'None')\n params['ip_pool'] = params_dict['ip_pool']\n params['dhcp'] = params_dict.get('dhcp', 'None')\n params['ipam']['dhcp_options'] = {}\n params['ipam']['dhcp_options']['domain_name_server_list'] = params_dict.get('dns_servers', 'None')\n params['ipam']['dhcp_options']['domain_search_list'] = params_dict.get('domain_search', 'None')\n params['ipam']['dhcp_options']['domain_name'] = params_dict.get('domain_name', 'None')\n params['ipam']['dhcp_options']['boot_file_name'] = params_dict.get('boot_file', \"None\")\n params['ipam']['dhcp_options']['tftp_server_name'] = params_dict.get('tftp_server', \"None\")\n \n payload = _get_default_spec()\n if params_dict.get('vpc_name', 'None') != 'None':\n vpc_details = @@{vpc_details}@@\n params['vpc_reference'] = {\"kind\": \"vpc\", \"uuid\": vpc_details[\"uuid\"]}\n payload[\"spec\"][\"resources\"][\"vpc_reference\"] = params['vpc_reference']\n payload[\"spec\"]['name'] = params_dict['subnet_name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"OVERLAY\"\n \n if params_dict.get('network_ip', 'None') != 'None':\n params['ipam_spec'] = _get_ipam_spec(**params)\n print(\"Overlay Subnet IP range - %s\"%params['ip_pool'])\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n\n\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n task_uuid = wait_for_completion(data)\n details = {\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params_dict['subnet_name'],\n \"create_subnet_task_uuid\": task_uuid}\n print(\"overlay_subnet_details={}\".format(details))\ncreate_overlay_subnet()","eval_variables":["overlay_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Project","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nROLE_ADMIN = \"Project Admin\"\nROLE_OPERATOR = \"Operator\"\nROLE_DEVELOPER = \"Developer\"\nROLE_CONSUMER = \"Consumer\"\nROOT_OU = 'tenants'\n\nPC_IP = \"localhost\"\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef get_role_uuid(role_name):\n api_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/roles\/list'.format(PC_IP)\n payload = {\n 'filter': 'name=={}'.format(role_name),\n 'kind': 'role',\n 'offset': 0\n }\n r = requests.post(api_url, json=payload, \n auth=HTTPBasicAuth(management_username, management_password), \n timeout=None, verify=False)\n result = json.loads(r.content)\n if result.get('entities', 'None') != 'None':\n return result['entities'][0]['metadata']['uuid']\n else:\n print(\"Error :- {}\".format(r.content))\n exit(1)\n\ndef get_project_specs(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n return data.json()\n else:\n print(data.json())\n \ndef get_spec(role_uuid,user_uuid,user_name,idp_uuid,account_uuid,subnet_uuid,vpc_uuid,project_name,project_uuid,subnet_name):\n project_specs = get_project_specs(project_uuid)\n collection = \"ALL\"\n if \"@@{allow_collaboration}@@\".lower() == \"false\":\n collection = \"SELF_OWNED\"\n external_network = []\n subnet_reference = []\n if \"@@{account_name}@@\".strip() == \"NTNX_LOCAL_AZ\":\n subnet_reference = [\n {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n else:\n external_network = [\n {\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n \n return ({\n \"spec\": {\n \"access_control_policy_list\": [\n {\n \"acp\": {\n \"name\": \"ADMIN-ACP-@@{calm_now}@@\",\n \"resources\": {\n \"role_reference\": {\n \"name\": \"Project Admin\",\n \"uuid\": role_uuid,\n \"kind\": \"role\"\n },\n \"user_group_reference_list\": [],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"filter_list\": {\n \"context_list\": [\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"ALL\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n }\n ]\n },\n {\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"image\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"identity_provider\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"directory_service\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"custom_provider\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"virtual_network\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"resource_type\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"role\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n },\n \"left_hand_side\": {\n \"entity_type\": \"project\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user_group\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"app_icon\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"category\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_task\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_variable\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"vm_recovery_point\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"cluster\"\n },\n \"right_hand_side\": {\n \"uuid_list\": [\"@@{cluster_uuid}@@\"]\n }\n }\n ]\n },\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"blueprint\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n }\n ]\n }\n ]\n }\n },\n \"description\": \"project admin acp @@{calm_now}@@\"\n },\n \"metadata\": {\n \"kind\": \"access_control_policy\"\n },\n \"operation\": \"ADD\"\n }\n ],\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {\n \"external_network_list\": external_network,\n \"account_reference_list\": [\n {\n \"kind\": \"account\",\n \"uuid\": account_uuid\n }\n ],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"default_subnet_reference\": {\n \"kind\": \"subnet\",\n \"uuid\": subnet_uuid\n },\n \"vpc_reference_list\": [\n {\n \"kind\": \"vpc\",\n \"uuid\": vpc_uuid\n }\n ],\n \"tunnel_reference_list\": [],\n \"external_user_group_reference_list\": [],\n \"subnet_reference_list\": subnet_reference,\n \"resource_domain\": {},\n \"cluster_reference_list\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": \"@@{cluster_uuid}@@\"\n }\n ],\n \"environment_reference_list\": []\n },\n \"description\": \"Tenant Onboarding Project\"\n },\n \"user_list\": [],\n \"user_group_list\": []\n },\n \"api_version\": project_specs[\"api_version\"],\n \"metadata\": {\n \"kind\": \"project\",\n \"uuid\":project_uuid,\n \"spec_version\":project_specs[\"metadata\"][\"spec_version\"]\n }})\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"project\"},\n \"spec\": {\n \"project_detail\" : {\n \"name\": \"\",\n \"resources\": {}\n }\n }\n }\n )\n \ndef _get_user_spec():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\" : \"user\"\n },\n \"spec\": {\n \"resources\": {}\n }\n })\ndef is_user_exist_in_pc(user):\n _url = _build_url(scheme=\"https\",resource_type=\"\/users\/list\") \n _data = requests.post(_url, json={\"kind\":\"user\", \"filter\":\"username==%s\"%user},\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] == 1:\n return _data.json()['entities'][0]['metadata']['uuid']\n elif _data.json()['metadata']['total_matches'] > 1:\n print(\"Found more than one user with samename in PC\")\n exit(1)\n else:\n return None\n else:\n print(\"Error while Fetching user details----> \",_data.json())\n exit(1)\n\ndef get_user_uuid(user, **params):\n\n user_uuid = is_user_exist_in_pc(user)\n if not user_uuid:\n payload = _get_user_spec() \n ad = @@{idp_details}@@\n payload['spec']['resources']['identity_provider_user'] = {}\n payload['spec']['resources']['identity_provider_user']\\\n ['username'] = user.strip()\n\n payload['spec']['resources']['identity_provider_user']\\\n ['identity_provider_reference'] = {}\n payload['spec']['resources']['identity_provider_user']\\\n ['identity_provider_reference']['kind'] = \"identity_provider\"\n payload['spec']['resources']['identity_provider_user']\\\n ['identity_provider_reference']['uuid'] = ad[\"uuid\"]\n \n url = _build_url(scheme=\"https\",resource_type=\"\/users\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False)\n\n if data.ok:\n wait_for_completion(data)\n return data.json()['metadata']['uuid']\n else:\n print(\"Error while Creating user details----> \",data.json())\n exit(1)\n else:\n return user_uuid\n \n # url = _build_url(scheme=\"https\",\n # resource_type=\"\/idempotence_identifiers\/salted\")\n # payload = {\"name_list\":[user]}\n # data = requests.post(url, json=payload,\n # auth=HTTPBasicAuth(management_username, management_password),\n # timeout=None, verify=False) \n # if data.ok:\n # _uuid = data.json()[\"name_uuid_list\"][0][user]\n # print(\"user_uuid----> %s\"%_uuid)\n # return _uuid\n # else:\n # print(\"Error while fetching user details :- \",data.json())\n # exit(1)\n \ndef create_empty_project(project_name):\n payload = {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"project\"\n },\n \"spec\": {\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {}\n },\n \"user_list\": [],\n \"user_group_list\": [],\n \"access_control_policy_list\": []\n }\n }\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n return data.json()[\"metadata\"][\"uuid\"]\n \ndef build_project(**params): \n vpc_details = @@{vpc_details}@@\n admin_role_uuid = get_role_uuid(ROLE_ADMIN)\n operator_role_uuid = get_role_uuid(ROLE_OPERATOR)\n developer_role_uuid = get_role_uuid(ROLE_DEVELOPER)\n consumer_role_uuid = get_role_uuid(ROLE_CONSUMER)\n print('ROLE_ADMIN_UUID={}'.format(admin_role_uuid))\n print('ROLE_OPERATOR_UUID={}'.format(operator_role_uuid))\n print('ROLE_DEVELOPER_UUID={}'.format(developer_role_uuid))\n print('ROLE_CONSUMER_UUID={}'.format(consumer_role_uuid))\n \n overlay_subnets = @@{overlay_subnet_details}@@\n subnet_uuid = overlay_subnets[\"uuid\"]\n subnet_name = overlay_subnets[\"name\"]\n \n account_uuid = \"\"\n if params.get('accounts', 'None') != \"None\":\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%params['accounts']},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False) \n if params['accounts'] in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == params['accounts']: \n account_uuid = new_data['metadata']['uuid']\n print(\"account_details={}\".format({\"uuid\": account_uuid}))\n else:\n print(\"Error : %s account not present on %s\"%(params['accounts'],PC_IP))\n exit(1) \n \n user_details = []\n all_users = []\n user = \"@@{project_admin_user}@@\".strip()\n user_uuid = get_user_uuid(user, **params)\n if user_uuid != \"None\":\n user_details.append({'name':user, 'uuid':user_uuid})\n print(\"user_details={}\".format(user_details))\n \n idp_uuid = @@{idp_details}@@\n\n #idp_uuid = idp['uuid']\n print(\"group_details={}\".format([]))\n vpc_uuid = @@{vpc_details}@@\n project_uuid = create_empty_project(project_name=params['name'])\n payload = get_spec(role_uuid=admin_role_uuid, \n user_uuid=user_details[0][\"uuid\"], \n user_name=user_details[0][\"name\"], \n idp_uuid=idp_uuid[\"uuid\"], \n account_uuid=account_uuid, \n subnet_uuid=subnet_uuid,\n vpc_uuid=vpc_uuid[\"uuid\"],\n project_name=params['name'],\n project_uuid=project_uuid,\n subnet_name=subnet_name)\n if params.get(\"quotas\", \"None\") != \"None\":\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {} \n resources = []\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"MEMORY\", \"limit\":mem_gb})\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"STORAGE\", \"limit\":storage_gb})\n if resource.get(\"vcpu\", 0) != 0:\n resources.append({\"resource_type\":\"VCPUS\", \"limit\":resource['vcpu']})\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {\"resources\": resources}\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\/%s\"%project_uuid)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n if 'status' not in data.json():\n print(\"Project %s not created successfully.\"%params['name'])\n print(data.json())\n exit(1)\n task_uuid = data.json()['status']['execution_context']['task_uuid']\n if 'metadata' in data.json():\n print(\"project_details={}\".format({\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params['name'],\n \"create_project_task_uuid\": task_uuid}))\n else:\n print(\"Project not created successfully, Check inputs and payload\")\n print(data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(management_username,management_password), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n if \"DUPLICATE_ENTITY\" not in str(data.json()):\n print(\"Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nprint(\"##### Creating a Project #####\")\nparams = @@{project_items}@@\nbuild_project(**params) ","eval_variables":["project_details","account_details","user_details","group_details","ROLE_DEVELOPER_UUID","ROLE_ADMIN_UUID","ROLE_OPERATOR_UUID","ROLE_CONSUMER_UUID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Tunnel for VPC","attrs":{"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_user = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_account_uuid():\n account = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%account},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if account in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account: \n account_uuid = new_data['metadata']['uuid']\n return account_uuid\n else:\n print(\"Error : %s account not present on %s\"%(account,PC_IP))\n exit(1) \n \ndef get_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate Idempotence UUID.\")\n exit(1)\n \n #account_uuid = get_account_uuid()\n \n return (\n {\"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\": \"network_group_tunnel\"\n },\n \"spec\": {\n \"resources\": {\n \"platform_vpc_uuid_list\": [\n params[\"vpc_uuid\"]\n ],\n \"tunnel_reference\": {\n \"kind\": \"tunnel\",\n \"uuid\": _uuid,\n \"name\": params[\"tunnel_name\"]\n },\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params[\"account_uuid\"]\n },\n \"tunnel_vm_spec\": {\n \"vm_name\": params[\"tunnel_name\"]+\"_\"+params[\"vpc_name\"]+\"_TunnelVM\",\n \"subnet_uuid\": params[\"overlay_subnet_uuid\"],\n \"cluster_uuid\": params[\"cluster_uuid\"]\n }\n },\n \"name\": params[\"tunnel_name\"]\n }\n })\n\ndef create_tunnel(**params):\n payload = get_spec(**params)\n url = _build_url(scheme=\"https\",\n resource_type=\"network_groups\/tunnels\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_user,pc_password),\n timeout=None, verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = 'PENDING'\n while state == \"PENDING\":\n _uuid = data.json()[\"request_id\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_user, pc_password),\n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error occured ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', \n responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"SUCCEEDED\"\n else:\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nvpc = @@{vpc_details}@@\n#account = @@{account_details}@@\noverlay_subnet = @@{overlay_subnet_details}@@\nparams = {\"vpc_name\" : vpc[\"name\"],\n \"vpc_uuid\" : vpc[\"uuid\"],\n \"account_name\" : \"@@{account_name}@@\".strip(),\n \"account_uuid\" : get_account_uuid(),\n \"overlay_subnet_uuid\" : overlay_subnet[\"uuid\"],\n \"cluster_uuid\" : \"@@{cluster_uuid}@@\",\n \"tunnel_name\" : \"@@{tenant_name}@@_VPC_Tunnel\"\n }\ncreate_tunnel(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Set Quota","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef cluster_details(cluster=None):\n cluster_name = \"@@{cluster_name}@@\".strip()\n if cluster != None:\n cluster_name = cluster\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n return(str(_cluster['metadata']['uuid']))\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef add_quotas(account,**params):\n if params.get(\"quotas\", \"None\") != \"None\":\n memory = 0\n disk = 0\n vcpus = 0\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n memory = mem_gb\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n disk = storage_gb\n if resource.get(\"vcpu\", 0) != 0:\n vcpus = resource['vcpu']\n \n cluster_uuid = \"@@{cluster_uuid}@@\"\n project_details = @@{project_details}@@\n account_details = @@{account_details}@@\n entities = {}\n entities[\"account\"]=account_details['uuid']\n entities[\"cluster\"]=cluster_uuid\n entities[\"project\"]=project_details['uuid']\n\n if not account:\n entities = {\"project\": project_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n _uuid = data.json()['uuid_list'][0]\n payload = ({\n \"metadata\": {\n \"kind\": \"quota\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"name\": project_details['name'],\n \"uuid\": project_details['uuid']\n },\n \"uuid\": _uuid\n },\n \"spec\": {\n \"resources\": {\n \"data\": {\n \"disk\": disk,\n \"vcpu\": vcpus,\n \"memory\": memory\n },\n \"entities\": entities,\n \"metadata\": {},\n \"uuid\": _uuid\n }\n }})\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\".format(PC_IP)\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n else:\n print(\"Quota not set for project %s\"%project_details['name'])\n \n enable_quota_state(account_details['uuid'], project_details['uuid'])\n \ndef enable_quota_state(account, project):\n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"account\":account,\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username,pc_username), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nif (@@{project_vcpu}@@ != 0) or (@@{project_memory}@@ != 0) or (@@{project_disk_size}@@ != 0):\n params = @@{project_items}@@\n add_quotas(account=False,**params)\n params = @@{account_items}@@\n add_quotas(account=True,**params)\nelse:\n print(\"Info : Not setting Projects Quota, All Quota values are zero.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Environment","attrs":{"exit_status":[],"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef get_cluster_account_uuid():\n cluster_name = \"@@{cluster_name}@@\".strip()\n account_name = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",host=\"localhost\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\",\"length\": 250},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching account details. -->\", data.json())\n exit(1)\n \n if account_name in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account_name:\n for _cluster in new_data[\"status\"][\"resources\"][\"data\"][\"cluster_account_reference_list\"]:\n if _cluster[\"resources\"][\"data\"][\"cluster_name\"] == cluster_name:\n return _cluster[\"uuid\"]\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n else:\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n \ndef _get_spec():\n tenantuuid = \"@@{tenant_uuid}@@\"\n account = get_cluster_account_uuid()\n print(\"Cluster account uuid : \",account)\n project_account = @@{account_details}@@\n project = @@{project_details}@@\n vpc_details = @@{vpc_details}@@\n project_subnet = @@{overlay_subnet_details}@@\n env_memory = (@@{project_memory}@@ \/ 2) * 1024\n subnet_references = []\n \n connection_type = \"POWERSHELL\"\n connection_port = 5985\n connection_protocol = \"http\"\n if \"@@{environment_os}@@\" == \"Linux\":\n connection_type = \"SSH\"\n connection_port = 22\n connection_protocol = \"\"\n \n nic_list = []\n nics = {}\n nics['subnet_reference'] = {'uuid': project_subnet[\"uuid\"]}\n subnet_references.append({'uuid': project_subnet[\"uuid\"]})\n nic_list.append(nics)\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 2,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n creds_uuid = \"\"\n substrate_uuid = \"\"\n if data.ok:\n creds_uuid = data.json()['uuid_list'][0]\n substrate_uuid = data.json()['uuid_list'][1]\n\n _creds_type = \"@@{credential_type}@@\"\n credential_definition_list = [\n \t\t{\n \t\t\"name\": \"@@{tenant_name}@@_cred\",\n \t\t\"type\": _creds_type,\n \t\t\"username\": \"@@{credential_username}@@\".strip(),\n \t\t\"secret\": {\n \t\t\"attrs\": {\n \t\t\"is_secret_modified\": True,\n \t\"secret_reference\" : {}\n \t\t},\n \t\t\"value\": \"\"\"@@{password_or_key}@@\"\"\"\n \t\t},\n \t\t\"uuid\": creds_uuid\n \t\t}]\n \n if _creds_type == \"KEY\":\n _pass = {\"passphrase\": {\n \"attrs\": {\n \"is_secret_modified\": True,\n },\n \"value\": \"@@{prism_central_passwd}@@\".strip()\n }\n }\n credential_definition_list[0].update(_pass)\n\n gpu_list = []\n disk_list = []\n boot_type = \"LEGACY\"\n boot_adapter = \"SCSI\"\n image_uuid = \"\"\n boot_index = 0\n boot_adapter = \"SCSI\"\n url = _build_url(scheme=\"https\",host=\"@@{PC_IP}@@\".strip(), resource_type=\"\/images\/list\")\n data = requests.post(url, json={\"kind\":\"image\", \"filter\":\"name==%s\"%\"@@{image_name}@@\".strip()},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()[\"metadata\"][\"total_matches\"] == 1:\n image_uuid = data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"There are '%s' total images with name - @@{image_name}@@\"%(\\\n data.json()[\"metadata\"][\"total_matches\"]))\n exit(1)\n else:\n print(\"Error -- %s Image not present on %s\"%(\"@@{image_name}@@\", PC_IP))\n disk_list.append({\n \"data_source_reference\": {\n \"kind\": \"image\",\n \"name\": \"@@{image_name}@@\".strip(),\n \"uuid\": image_uuid\n },\n \"device_properties\": {\n \"device_type\": \"DISK\",\n \"disk_address\": {\n \"device_index\": 0,\n \"adapter_type\": \"SCSI\"\n }\n }\n })\n\n serial_port = []\n serial_port.append({\"index\": 0, \"is_connected\": True})\n \n return ({\n \t\t\"api_version\": \"3.0\",\n \t\t\"metadata\": {\n \t\t\"kind\": \"environment\",\n \t\t\"project_reference\": {\n \t\t\"kind\": \"project\",\n \t\t\"name\": project['name'],\n \t\t\"uuid\": project['uuid']\n \t\t}\n \t\t},\n \t\t\"spec\": {\n \t\t\"name\": project['name']+\"_Environment\",\n \t\t\"description\": tenantuuid+project['name'],\n \t\t\"resources\": {\n \t\t\"substrate_definition_list\": [\n \t\t{\n \t\t\"variable_list\": [],\n \t\t\"type\": \"AHV_VM\",\n \t\t\"os_type\": \"@@{environment_os}@@\",\n \t\t\"action_list\": [],\n \t\t\"create_spec\": {\n \t\t\"name\": project['name']+\"_VM_@@{calm_random}@@\",\n \"categories\": {},\n \"cluster_reference\": {\n \"kind\": \"cluster\",\n \"name\": \"@@{cluster_name}@@\".strip(),\n \"uuid\": \"@@{cluster_uuid}@@\".strip()\n },\n \t\t\"resources\": {\n \t\t\"disk_list\": disk_list,\n \"gpu_list\": gpu_list,\n \"serial_port_list\": serial_port,\n \t\t\"nic_list\": nic_list,\n #\"power_state\": \"ON\",\n \t\t\"boot_config\": {\n \t\t\"boot_device\": {\n \t\t\"disk_address\": {\n \t\t\"device_index\": boot_index,\n \t\t\"adapter_type\": boot_adapter\n \t\t}\n \t\t},\n \t\t\"boot_type\": boot_type\n \t\t},\n \t\t\"num_sockets\": 2,\n \t\t\"num_vcpus_per_socket\": 1,\n \t\t\"memory_size_mib\": env_memory,\n \t\t\"account_uuid\": account\n \n \t\t},\n \t\t\"categories\": {\"TenantName\":\"@@{tenant_name}@@\".strip()}\n \t\t},\n \t\t\"readiness_probe\": {\n \t\t\"disable_readiness_probe\": True,\n \t\t\"connection_type\": connection_type,\n \t\t\"connection_port\": connection_port,\n \"connection_protocol\": connection_protocol,\n \"delay_secs\": \"5\",\n \t\t\"login_credential_local_reference\": {\n \t\t\"kind\": \"app_credential\",\n \t\t\"uuid\": creds_uuid\n \t\t},\n \"address\": \"\"\n \t\t},\n \t\t\"name\": \"@@{tenant_name}@@\".strip(),\n \"uuid\": substrate_uuid\n \t\t}\n \t\t],\n \t\t\"credential_definition_list\": credential_definition_list,\n \t\t\"infra_inclusion_list\": [\n \t\t{\n \t\t\"account_reference\": {\n \t\t\"uuid\": project_account['uuid'],\n \t\t\"kind\": \"account\"\n \t\t},\n \t\t\"type\": \"nutanix_pc\",\n \t\t\"subnet_references\": subnet_references,\n \t\t\"default_subnet_reference\": subnet_references[0],\n \"vpc_references\": [{\"uuid\":vpc_details[\"uuid\"]}],\n \"cluster_references\": [{\"uuid\":\"@@{cluster_uuid}@@\"}]\n \t\t}\n \t\t]\n \t\t}\n \t\t}})\n\ndef create_env():\n payload = _get_spec()\n guest_customization = {}\n if \"\"\"@@{guest_customization_script}@@\"\"\".lower() not in [\"\".strip(), \"none\", \"na\"]:\n if \"@@{environment_os}@@\" == \"Windows\":\n guest_customization = {\"sysprep\":{\"install_type\": 'FRESH',\n \"unattend_xml\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n else:\n guest_customization = {\"cloud_init\":{\"user_data\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n payload['spec']['resources']['substrate_definition_list'][0]['create_spec']\\\n ['resources']['guest_customization'] = guest_customization\n \n url = _build_url(scheme=\"https\",host=\"localhost\", resource_type=\"\/environments\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username,management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while creating environment ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return {\"uuid\": data.json()['metadata']['uuid'],\n \t\t\t\"name\":payload['spec']['name'],\n \"default\": True}\nenvironment = {}\nif \"@@{create_environment}@@\".lower() == \"yes\":\n environment = create_env()\nprint(\"environment_details={}\".format(environment))","eval_variables":["environment_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Update Project","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_spec(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n return data.json()\n \ndef update_project(**params):\n project = @@{project_details}@@\n project_items = @@{project_items}@@\n payload = _get_spec(project['uuid'])\n for x in ['categories', 'categories_mapping', 'creation_time', 'last_update_time', 'owner_reference']:\n del payload['metadata'][x]\n del payload['status']\n payload['spec']['access_control_policy_list'][0]['operation'] = \"UPDATE\"\n #payload['spec']['access_control_policy_list'][0]['acp']\\\n # ['resources']['filter_list']['context_list'][0]\\\n # ['scope_filter_expression_list'][0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][1]['entity_filter_expression_list']\\\n # [4]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][2]['scope_filter_expression_list']\\\n # [0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n environment_details = @@{environment_details}@@\n payload['spec']['project_detail']['resources']['environment_reference_list'] = []\n if \"@@{create_environment}@@\".lower() == \"yes\":\n payload['spec']['project_detail']['resources']\\\n ['environment_reference_list'].append({\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']})\n payload['spec']['project_detail']['resources']\\\n [\"default_environment_reference\"] = {\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project['uuid']))\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n task = wait_for_completion(data) \n print(\"Project %s updated successfully\"%project['name'])\n else:\n print(\"Error while updating project : %s\"%data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error in project update ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Error in project update ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nparams = @@{project_items}@@\nupdate_project(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Protection Policy","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_policy_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False) \n _uuid = \"\"\n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate UUID for app_protection_rule\")\n exit(1)\n return (\n {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"app_protection_policy\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"uuid\": params['project_uuid']\n }\n },\n \"spec\": {\n \"name\": \"Snapshot_Policy_@@{tenant_name}@@\",\n \"description\": \"\",\n \"resources\": {\n \"is_default\": True,\n \"ordered_availability_site_list\": [\n {\n \"environment_reference\": {\n \"kind\": \"environment\",\n \"uuid\": params['environment']\n },\n \"infra_inclusion_list\": {\n \"type\": \"nutanix_pc\",\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params['account_uuid']\n },\n \"cluster_references\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": params['cluster_uuid']\n }\n ]\n }\n }\n ],\n \"app_protection_rule_list\": [\n {\n \"name\": \"Protection_rule_@@{tenant_name}@@\",\n \"enabled\": True,\n \"local_snapshot_retention_policy\": {\n \"snapshot_expiry_policy\": {\n \"multiple\": 0\n }\n },\n \"first_availability_site_index\": 0,\n \"second_availability_site_index\": 0,\n \"uuid\": _uuid\n }\n ]\n }\n }\n })\n\ndef protection_policy(**params):\n payload = get_policy_spec(**params)\n url = \"https:\/\/%s:9440\/api\/calm\/v3.0\/app_protection_policies\"%PC_IP\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n #print(\"protection_policy_uuid={}\".format(data.json()[\"metadata\"][\"uuid\"]))\n #print(\"protection_rule_uuid={}\".format(data.json()[\"spec\"]\\\n # [\"resources\"][\"app_protection_rule_list\"][0][\"uuid\"]))\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Failed to create Snapshot Policy ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Failed to create Snapshot Policy ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \nparams = {}\nproject = @@{project_details}@@\nenvironment = @@{environment_details}@@\naccount = @@{account_details}@@\n\nparams['project_uuid'] = project['uuid']\nparams['environment'] = environment.get('uuid',None)\nparams['account_uuid'] = account['uuid']\nparams['cluster_uuid'] = \"@@{cluster_uuid}@@\"\n\nif environment:\n protection_policy(**params)\n print(\"Snapshot Policy Created Successfully.\")\nelse:\n print(\"Add environments to start creating snapshot policies.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"a4e81cce_runbook","main_task_local_reference":{"kind":"app_task","name":"8ee0af0e_dag"},"variable_list":[{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"management_pc_username","value":"5kZt1nhps5Yl7nTmEaTMxYjXVWNkSFo7r7S8eFapDkTYDJo8aA==:utf-8","label":"Management PC Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"management_pc_password","value":"FfG5Y4508waO0LsY6lgCpmHYXoe9fReTHzmlIwiiFlsemjZRfDoOjvVVcA==:utf-8","label":"Management PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":""},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"tenant_name","value":"at1","label":"Tenant Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Click \"yes\" to cleanup any previous failed setup.","data_type":"BASE","type":"LOCAL","name":"delete_existing","value":"Yes","label":"Delete Existing setup","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.44.46.56","data_type":"BASE","type":"LOCAL","name":"PC_IP","value":"10.44.76.167","label":"Workload PC IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^.*$"},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_username","value":"ylp7sIwL6oFWAowted\/7UVx+hehyoMZes4rfKVrSfuO4erHd9g==:utf-8","label":"Workload PC Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_passwd","value":"kFDqpSYkvOHKagVNPaSj9+6WAXZu2CCRcneJ\/GuDR4p+w6lgcdBGz59lKw==:utf-8","label":"Workload PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":false,"description":"If IDP present on PC, Please provide same IDP Name.","data_type":"BASE","type":"LOCAL","name":"idp_name","value":"Calm_IDP","label":"IDP Name","attrs":{"type":""},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":true,"description":"IDP Metadata XML Script","data_type":"BASE","type":"LOCAL","name":"idp_metadata","value":"<\/ds:Transforms>nMlSq1WMAjN5K5WXDsKhA0huZqilVn7SyY1V\/HyX4Rw=<\/ds:DigestValue><\/ds:Reference><\/ds:SignedInfo>ru1yfFhraJa\/sb4EoXqrrR7+\/e5DVTR\/riGdsJztHbR0E5uPrrn1wfCwdeLYAPj4dDGOT2S7lo49wMfVEVmheyfpdmaZVOvcUpRoZCbavlsWB+sUx6Vczgi70kceBVk0lb\/DPO\/VGq8FqBf9h2iOqnezwbt4RNSG+k6XXkIYLGUVP5BmU\/B8JvzTo9\/+MCUWV4mh1YAYum1XY8s5DfyG9io\/66t6cSG58BTNZ1mMxCfrxJ01zcci6ZxJFTCNATnsRmhNLTDv4PsjlWGcSECC010G8w8ryWos0v04a2h8Qq4cYaba8iB+ZYh9P69ooEusNjW+dPeEQznsDrq4CI6QRw==<\/ds:SignatureValue>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/ds:Signature>MIIC\/DCCAeSgAwIBAgIQXrVlrYCLCrNFzUpPABkaCzANBgkqhkiG9w0BAQsFADA6MTgwNgYDVQQDEy9BREZTIEVuY3J5cHRpb24gLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDRaFw0yMjExMTcxMjQwMDRaMDoxODA2BgNVBAMTL0FERlMgRW5jcnlwdGlvbiAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t7bbyGdj3LP+zUeezpZWrVBXhuGak4jg5qMxxAcsQBnEnXFHVbbc7NDHrxJD\/\/GCW8xKYnyf68gryhJ58sOm1uIkN+fQovlDPVx3gNg0p3KYUZJz\/uD2CT0lpLoGXr4a49iOTZJDbIpqIJlSsQdW4VtrA8wXUF9KmD7hYZHnmvHYXVu6Qbu0IA90T7t2AvGFLgqt5lR3xRfpqUUjfGCwPTgeq5E9Bxa+J8R+QFbdw84829ly+ij+qLwJSBn19lnbTwpBeKdJzT8H844+EF24Oj0KzYyJ+LA+F6nQXtNZ9pmA98ndqUapd9rmFr1ltOA1PUthCQ\/H02NrwFAiPmitwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA0CniMj1WENmWoENigOxlujrj9QBuhggR1UtJp8BXl5wKcMEqfMDjppqpRiQBW6AJXI1EwUVKgNSeosgyCbGtEDYlu7pGv+5NRkp+z+5Nb\/VmpATgKPaVX9aQsmegWl5tfRVaRU5s\/qks5lmXrBdl7OTtYtf6J49561wkyyq3ZKT0rLQbR7YpkDMfcBG6LbcseLh10+FPJNUeJlFTIWEW8y0JxeOPInp6Vr5a+hQW+nCmsR27wNB1TKDP0CPat+TyajRyIIYlvWlnBRgAEEZJDMaoXsUhvvoiQ4XkFtFS5W3KeYdxViVsMPuicPvEEhh2mj2ELyRZnzefPoEC\/DuzI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>E-Mail Address<\/auth:DisplayName>The e-mail address of the user<\/auth:Description><\/auth:ClaimType>Given Name<\/auth:DisplayName>The given name of the user<\/auth:Description><\/auth:ClaimType>Name<\/auth:DisplayName>The unique name of the user<\/auth:Description><\/auth:ClaimType>UPN<\/auth:DisplayName>The user principal name (UPN) of the user<\/auth:Description><\/auth:ClaimType>Common Name<\/auth:DisplayName>The common name of the user<\/auth:Description><\/auth:ClaimType>AD FS 1.x E-Mail Address<\/auth:DisplayName>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Group<\/auth:DisplayName>A group that the user is a member of<\/auth:Description><\/auth:ClaimType>AD FS 1.x UPN<\/auth:DisplayName>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Role<\/auth:DisplayName>A role that the user has<\/auth:Description><\/auth:ClaimType>Surname<\/auth:DisplayName>The surname of the user<\/auth:Description><\/auth:ClaimType>PPID<\/auth:DisplayName>The private identifier of the user<\/auth:Description><\/auth:ClaimType>Name ID<\/auth:DisplayName>The SAML name identifier of the user<\/auth:Description><\/auth:ClaimType>Authentication time stamp<\/auth:DisplayName>Used to display the time and date that the user was authenticated<\/auth:Description><\/auth:ClaimType>Authentication method<\/auth:DisplayName>The method used to authenticate the user<\/auth:Description><\/auth:ClaimType>Deny only group SID<\/auth:DisplayName>The deny-only group SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary SID<\/auth:DisplayName>The deny-only primary SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary group SID<\/auth:DisplayName>The deny-only primary group SID of the user<\/auth:Description><\/auth:ClaimType>Group SID<\/auth:DisplayName>The group SID of the user<\/auth:Description><\/auth:ClaimType>Primary group SID<\/auth:DisplayName>The primary group SID of the user<\/auth:Description><\/auth:ClaimType>Primary SID<\/auth:DisplayName>The primary SID of the user<\/auth:Description><\/auth:ClaimType>Windows account name<\/auth:DisplayName>The domain account name of the user in the form of domain\\user<\/auth:Description><\/auth:ClaimType>Is Registered User<\/auth:DisplayName>User is registered to use this device<\/auth:Description><\/auth:ClaimType>Device Identifier<\/auth:DisplayName>Identifier of the device<\/auth:Description><\/auth:ClaimType>Device Registration Identifier<\/auth:DisplayName>Identifier for Device Registration<\/auth:Description><\/auth:ClaimType>Device Registration DisplayName<\/auth:DisplayName>Display name of Device Registration<\/auth:Description><\/auth:ClaimType>Device OS type<\/auth:DisplayName>OS type of the device<\/auth:Description><\/auth:ClaimType>Device OS Version<\/auth:DisplayName>OS version of the device<\/auth:Description><\/auth:ClaimType>Is Managed Device<\/auth:DisplayName>Device is managed by a management service<\/auth:Description><\/auth:ClaimType>Forwarded Client IP<\/auth:DisplayName>IP address of the user<\/auth:Description><\/auth:ClaimType>Client Application<\/auth:DisplayName>Type of the Client Application<\/auth:Description><\/auth:ClaimType>Client User Agent<\/auth:DisplayName>Device type the client is using to access the application<\/auth:Description><\/auth:ClaimType>Client IP<\/auth:DisplayName>IP address of the client<\/auth:Description><\/auth:ClaimType>Endpoint Path<\/auth:DisplayName>Absolute Endpoint path which can be used to determine active versus passive clients<\/auth:Description><\/auth:ClaimType>Proxy<\/auth:DisplayName>DNS name of the federation server proxy that passed the request<\/auth:Description><\/auth:ClaimType>Application Identifier<\/auth:DisplayName>Identifier for the Relying Party<\/auth:Description><\/auth:ClaimType>Application policies<\/auth:DisplayName>Application policies of the certificate<\/auth:Description><\/auth:ClaimType>Authority Key Identifier<\/auth:DisplayName>The Authority Key Identifier extension of the certificate that signed an issued certificate<\/auth:Description><\/auth:ClaimType>Basic Constraint<\/auth:DisplayName>One of the basic constraints of the certificate<\/auth:Description><\/auth:ClaimType>Enhanced Key Usage<\/auth:DisplayName>Describes one of the enhanced key usages of the certificate<\/auth:Description><\/auth:ClaimType>Issuer<\/auth:DisplayName>The name of the certificate authority that issued the X.509 certificate<\/auth:Description><\/auth:ClaimType>Issuer Name<\/auth:DisplayName>The distinguished name of the certificate issuer<\/auth:Description><\/auth:ClaimType>Key Usage<\/auth:DisplayName>One of the key usages of the certificate<\/auth:Description><\/auth:ClaimType>Not After<\/auth:DisplayName>Date in local time after which a certificate is no longer valid<\/auth:Description><\/auth:ClaimType>Not Before<\/auth:DisplayName>The date in local time on which a certificate becomes valid<\/auth:Description><\/auth:ClaimType>Certificate Policies<\/auth:DisplayName>The policies under which the certificate has been issued<\/auth:Description><\/auth:ClaimType>Public Key<\/auth:DisplayName>Public Key of the certificate<\/auth:Description><\/auth:ClaimType>Certificate Raw Data<\/auth:DisplayName>The raw data of the certificate<\/auth:Description><\/auth:ClaimType>Subject Alternative Name<\/auth:DisplayName>One of the alternative names of the certificate<\/auth:Description><\/auth:ClaimType>Serial Number<\/auth:DisplayName>The serial number of a certificate<\/auth:Description><\/auth:ClaimType>Signature Algorithm<\/auth:DisplayName>The algorithm used to create the signature of a certificate<\/auth:Description><\/auth:ClaimType>Subject<\/auth:DisplayName>The subject from the certificate<\/auth:Description><\/auth:ClaimType>Subject Key Identifier<\/auth:DisplayName>Describes the subject key identifier of the certificate<\/auth:Description><\/auth:ClaimType>Subject Name<\/auth:DisplayName>The subject distinguished name from a certificate<\/auth:Description><\/auth:ClaimType>V2 Template Name<\/auth:DisplayName>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>V1 Template Name<\/auth:DisplayName>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>Thumbprint<\/auth:DisplayName>Thumbprint of the certificate<\/auth:Description><\/auth:ClaimType>X.509 Version<\/auth:DisplayName>The X.509 format version of a certificate<\/auth:Description><\/auth:ClaimType>Inside Corporate Network<\/auth:DisplayName>Used to indicate if a request originated inside corporate network<\/auth:Description><\/auth:ClaimType>Password Expiration Time<\/auth:DisplayName>Used to display the time when the password expires<\/auth:Description><\/auth:ClaimType>Password Expiration Days<\/auth:DisplayName>Used to display the number of days to password expiry<\/auth:Description><\/auth:ClaimType>Update Password URL<\/auth:DisplayName>Used to display the web address of update password service<\/auth:Description><\/auth:ClaimType>Authentication Methods References<\/auth:DisplayName>Used to indicate all authentication methods used to authenticate the user<\/auth:Description><\/auth:ClaimType>Client Request ID<\/auth:DisplayName>Identifier for a user session<\/auth:Description><\/auth:ClaimType><\/fed:ClaimTypesRequested>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/issuedtokenmixedasymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/issuedtokenmixedsymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/13\/issuedtokenmixedasymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/13\/issuedtokenmixedsymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/ls\/<\/Address><\/EndpointReference>
http:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust<\/Address><\/EndpointReference><\/fed:TargetScopes>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/issuedtokenmixedasymmetricbasic256<\/Address><\/EndpointReference><\/fed:ApplicationServiceEndpoint>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/ls\/<\/Address><\/EndpointReference><\/fed:PassiveRequestorEndpoint><\/RoleDescriptor>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor><\/fed:TokenTypesOffered>E-Mail Address<\/auth:DisplayName>The e-mail address of the user<\/auth:Description><\/auth:ClaimType>Given Name<\/auth:DisplayName>The given name of the user<\/auth:Description><\/auth:ClaimType>Name<\/auth:DisplayName>The unique name of the user<\/auth:Description><\/auth:ClaimType>UPN<\/auth:DisplayName>The user principal name (UPN) of the user<\/auth:Description><\/auth:ClaimType>Common Name<\/auth:DisplayName>The common name of the user<\/auth:Description><\/auth:ClaimType>AD FS 1.x E-Mail Address<\/auth:DisplayName>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Group<\/auth:DisplayName>A group that the user is a member of<\/auth:Description><\/auth:ClaimType>AD FS 1.x UPN<\/auth:DisplayName>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Role<\/auth:DisplayName>A role that the user has<\/auth:Description><\/auth:ClaimType>Surname<\/auth:DisplayName>The surname of the user<\/auth:Description><\/auth:ClaimType>PPID<\/auth:DisplayName>The private identifier of the user<\/auth:Description><\/auth:ClaimType>Name ID<\/auth:DisplayName>The SAML name identifier of the user<\/auth:Description><\/auth:ClaimType>Authentication time stamp<\/auth:DisplayName>Used to display the time and date that the user was authenticated<\/auth:Description><\/auth:ClaimType>Authentication method<\/auth:DisplayName>The method used to authenticate the user<\/auth:Description><\/auth:ClaimType>Deny only group SID<\/auth:DisplayName>The deny-only group SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary SID<\/auth:DisplayName>The deny-only primary SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary group SID<\/auth:DisplayName>The deny-only primary group SID of the user<\/auth:Description><\/auth:ClaimType>Group SID<\/auth:DisplayName>The group SID of the user<\/auth:Description><\/auth:ClaimType>Primary group SID<\/auth:DisplayName>The primary group SID of the user<\/auth:Description><\/auth:ClaimType>Primary SID<\/auth:DisplayName>The primary SID of the user<\/auth:Description><\/auth:ClaimType>Windows account name<\/auth:DisplayName>The domain account name of the user in the form of domain\\user<\/auth:Description><\/auth:ClaimType>Is Registered User<\/auth:DisplayName>User is registered to use this device<\/auth:Description><\/auth:ClaimType>Device Identifier<\/auth:DisplayName>Identifier of the device<\/auth:Description><\/auth:ClaimType>Device Registration Identifier<\/auth:DisplayName>Identifier for Device Registration<\/auth:Description><\/auth:ClaimType>Device Registration DisplayName<\/auth:DisplayName>Display name of Device Registration<\/auth:Description><\/auth:ClaimType>Device OS type<\/auth:DisplayName>OS type of the device<\/auth:Description><\/auth:ClaimType>Device OS Version<\/auth:DisplayName>OS version of the device<\/auth:Description><\/auth:ClaimType>Is Managed Device<\/auth:DisplayName>Device is managed by a management service<\/auth:Description><\/auth:ClaimType>Forwarded Client IP<\/auth:DisplayName>IP address of the user<\/auth:Description><\/auth:ClaimType>Client Application<\/auth:DisplayName>Type of the Client Application<\/auth:Description><\/auth:ClaimType>Client User Agent<\/auth:DisplayName>Device type the client is using to access the application<\/auth:Description><\/auth:ClaimType>Client IP<\/auth:DisplayName>IP address of the client<\/auth:Description><\/auth:ClaimType>Endpoint Path<\/auth:DisplayName>Absolute Endpoint path which can be used to determine active versus passive clients<\/auth:Description><\/auth:ClaimType>Proxy<\/auth:DisplayName>DNS name of the federation server proxy that passed the request<\/auth:Description><\/auth:ClaimType>Application Identifier<\/auth:DisplayName>Identifier for the Relying Party<\/auth:Description><\/auth:ClaimType>Application policies<\/auth:DisplayName>Application policies of the certificate<\/auth:Description><\/auth:ClaimType>Authority Key Identifier<\/auth:DisplayName>The Authority Key Identifier extension of the certificate that signed an issued certificate<\/auth:Description><\/auth:ClaimType>Basic Constraint<\/auth:DisplayName>One of the basic constraints of the certificate<\/auth:Description><\/auth:ClaimType>Enhanced Key Usage<\/auth:DisplayName>Describes one of the enhanced key usages of the certificate<\/auth:Description><\/auth:ClaimType>Issuer<\/auth:DisplayName>The name of the certificate authority that issued the X.509 certificate<\/auth:Description><\/auth:ClaimType>Issuer Name<\/auth:DisplayName>The distinguished name of the certificate issuer<\/auth:Description><\/auth:ClaimType>Key Usage<\/auth:DisplayName>One of the key usages of the certificate<\/auth:Description><\/auth:ClaimType>Not After<\/auth:DisplayName>Date in local time after which a certificate is no longer valid<\/auth:Description><\/auth:ClaimType>Not Before<\/auth:DisplayName>The date in local time on which a certificate becomes valid<\/auth:Description><\/auth:ClaimType>Certificate Policies<\/auth:DisplayName>The policies under which the certificate has been issued<\/auth:Description><\/auth:ClaimType>Public Key<\/auth:DisplayName>Public Key of the certificate<\/auth:Description><\/auth:ClaimType>Certificate Raw Data<\/auth:DisplayName>The raw data of the certificate<\/auth:Description><\/auth:ClaimType>Subject Alternative Name<\/auth:DisplayName>One of the alternative names of the certificate<\/auth:Description><\/auth:ClaimType>Serial Number<\/auth:DisplayName>The serial number of a certificate<\/auth:Description><\/auth:ClaimType>Signature Algorithm<\/auth:DisplayName>The algorithm used to create the signature of a certificate<\/auth:Description><\/auth:ClaimType>Subject<\/auth:DisplayName>The subject from the certificate<\/auth:Description><\/auth:ClaimType>Subject Key Identifier<\/auth:DisplayName>Describes the subject key identifier of the certificate<\/auth:Description><\/auth:ClaimType>Subject Name<\/auth:DisplayName>The subject distinguished name from a certificate<\/auth:Description><\/auth:ClaimType>V2 Template Name<\/auth:DisplayName>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>V1 Template Name<\/auth:DisplayName>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>Thumbprint<\/auth:DisplayName>Thumbprint of the certificate<\/auth:Description><\/auth:ClaimType>X.509 Version<\/auth:DisplayName>The X.509 format version of a certificate<\/auth:Description><\/auth:ClaimType>Inside Corporate Network<\/auth:DisplayName>Used to indicate if a request originated inside corporate network<\/auth:Description><\/auth:ClaimType>Password Expiration Time<\/auth:DisplayName>Used to display the time when the password expires<\/auth:Description><\/auth:ClaimType>Password Expiration Days<\/auth:DisplayName>Used to display the number of days to password expiry<\/auth:Description><\/auth:ClaimType>Update Password URL<\/auth:DisplayName>Used to display the web address of update password service<\/auth:Description><\/auth:ClaimType>Authentication Methods References<\/auth:DisplayName>Used to indicate all authentication methods used to authenticate the user<\/auth:Description><\/auth:ClaimType>Client Request ID<\/auth:DisplayName>Identifier for a user session<\/auth:Description><\/auth:ClaimType><\/fed:ClaimTypesOffered>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/certificatemixed<\/Address>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/mex<\/Address><\/wsx:MetadataReference><\/wsx:MetadataSection><\/Metadata><\/Metadata><\/EndpointReference><\/fed:SecurityTokenServiceEndpoint>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/ls\/<\/Address><\/EndpointReference><\/fed:PassiveRequestorEndpoint><\/RoleDescriptor>MIIC\/DCCAeSgAwIBAgIQXrVlrYCLCrNFzUpPABkaCzANBgkqhkiG9w0BAQsFADA6MTgwNgYDVQQDEy9BREZTIEVuY3J5cHRpb24gLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDRaFw0yMjExMTcxMjQwMDRaMDoxODA2BgNVBAMTL0FERlMgRW5jcnlwdGlvbiAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t7bbyGdj3LP+zUeezpZWrVBXhuGak4jg5qMxxAcsQBnEnXFHVbbc7NDHrxJD\/\/GCW8xKYnyf68gryhJ58sOm1uIkN+fQovlDPVx3gNg0p3KYUZJz\/uD2CT0lpLoGXr4a49iOTZJDbIpqIJlSsQdW4VtrA8wXUF9KmD7hYZHnmvHYXVu6Qbu0IA90T7t2AvGFLgqt5lR3xRfpqUUjfGCwPTgeq5E9Bxa+J8R+QFbdw84829ly+ij+qLwJSBn19lnbTwpBeKdJzT8H844+EF24Oj0KzYyJ+LA+F6nQXtNZ9pmA98ndqUapd9rmFr1ltOA1PUthCQ\/H02NrwFAiPmitwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA0CniMj1WENmWoENigOxlujrj9QBuhggR1UtJp8BXl5wKcMEqfMDjppqpRiQBW6AJXI1EwUVKgNSeosgyCbGtEDYlu7pGv+5NRkp+z+5Nb\/VmpATgKPaVX9aQsmegWl5tfRVaRU5s\/qks5lmXrBdl7OTtYtf6J49561wkyyq3ZKT0rLQbR7YpkDMfcBG6LbcseLh10+FPJNUeJlFTIWEW8y0JxeOPInp6Vr5a+hQW+nCmsR27wNB1TKDP0CPat+TyajRyIIYlvWlnBRgAEEZJDMaoXsUhvvoiQ4XkFtFS5W3KeYdxViVsMPuicPvEEhh2mj2ELyRZnzefPoEC\/DuzI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient<\/NameIDFormat><\/SPSSODescriptor>MIIC\/DCCAeSgAwIBAgIQXrVlrYCLCrNFzUpPABkaCzANBgkqhkiG9w0BAQsFADA6MTgwNgYDVQQDEy9BREZTIEVuY3J5cHRpb24gLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDRaFw0yMjExMTcxMjQwMDRaMDoxODA2BgNVBAMTL0FERlMgRW5jcnlwdGlvbiAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t7bbyGdj3LP+zUeezpZWrVBXhuGak4jg5qMxxAcsQBnEnXFHVbbc7NDHrxJD\/\/GCW8xKYnyf68gryhJ58sOm1uIkN+fQovlDPVx3gNg0p3KYUZJz\/uD2CT0lpLoGXr4a49iOTZJDbIpqIJlSsQdW4VtrA8wXUF9KmD7hYZHnmvHYXVu6Qbu0IA90T7t2AvGFLgqt5lR3xRfpqUUjfGCwPTgeq5E9Bxa+J8R+QFbdw84829ly+ij+qLwJSBn19lnbTwpBeKdJzT8H844+EF24Oj0KzYyJ+LA+F6nQXtNZ9pmA98ndqUapd9rmFr1ltOA1PUthCQ\/H02NrwFAiPmitwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA0CniMj1WENmWoENigOxlujrj9QBuhggR1UtJp8BXl5wKcMEqfMDjppqpRiQBW6AJXI1EwUVKgNSeosgyCbGtEDYlu7pGv+5NRkp+z+5Nb\/VmpATgKPaVX9aQsmegWl5tfRVaRU5s\/qks5lmXrBdl7OTtYtf6J49561wkyyq3ZKT0rLQbR7YpkDMfcBG6LbcseLh10+FPJNUeJlFTIWEW8y0JxeOPInp6Vr5a+hQW+nCmsR27wNB1TKDP0CPat+TyajRyIIYlvWlnBRgAEEZJDMaoXsUhvvoiQ4XkFtFS5W3KeYdxViVsMPuicPvEEhh2mj2ELyRZnzefPoEC\/DuzI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient<\/NameIDFormat><\/IDPSSODescriptor><\/EntityDescriptor>","label":"IDP Metadata","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- pjadmin@corp.company.ca","data_type":"BASE","type":"LOCAL","name":"project_admin_user","value":"idpuser5@calmsaastest.com","label":"Project Admin","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"cluster_name","value":"auto_cluster_prod_f38da47d51f4","label":"Cluster Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"virtual_switch","value":"vs0","label":"Virtual Switch Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_vlan_id","value":"82","label":"External VLAN ID","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.0\/24","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip","value":"10.10.13.0\/24","label":"External Subnet IP with Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Enter Start IP followed by End IP. Example :- 10.20.30.2-10.20.30.10","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip_pool","value":"10.10.13.2-10.10.13.10","label":"External Subnet IP Pool Range","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.1","data_type":"BASE","type":"LOCAL","name":"external_subnet_gateway_ip","value":"10.10.13.1","label":"External Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_subnet_nat","value":"True","label":"External Subnet NAT","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.10.10.0\/24","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_ip","value":"10.10.10.0\/24","label":"Overlay Subnet IP With Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_gateway_ip","value":"10.10.10.1","label":"Overlay Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"account_name","value":"policy_account","label":"Account Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_vcpu","value":"6","label":"Quota : vCPUs ","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_memory","value":"12","label":"Quota : Memory in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_disk_size","value":"50","label":"Quota : Disk Size in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"allow_collaboration","value":"True","label":"Allow Project Collaboration","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"create_environment","value":"No","label":"Create Project Environment with Default Values","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"environment_os","value":"Linux","label":"Environment operating system","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Linux","Windows"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"image_name","value":"Centos7HadoopMaster","label":"Image Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":false,"description":"Should be base64 encoded for Linux and XML for Windows.","data_type":"BASE","type":"LOCAL","name":"guest_customization_script","value":"I2Nsb3VkLWNvbmZpZwp1c2VyczoKICAtIG5hbWU6IG51dGFuaXgKICAgIHNzaC1hdXRob3JpemVkLWtleXM6CiAgICAgIC0gc3NoLXJzYSBLRVkKICAgIHN1ZG86IFsnQUxMPShBTEwpIE5PUEFTU1dEOkFMTCddCiAgICBncm91cHM6IHN1ZG8KICAgIHNoZWxsOiAvYmluL2Jhc2gKCnBhY2thZ2VzOgogIC0gaHR0cGQ=","label":"Guest Customization Script","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_username","value":"root","label":"Environment Credential Username","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_type","value":"KEY","label":"Credential Type","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["PASSWORD","KEY"]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"password_or_key","value":"-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS\n1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQR9WZPeBSvixkhjQOh9yCXXlEx5CN9M\nyh94CJJ1rigf8693gc90HmahIR5oMGHwlqMoS7kKrRw+4KpxqsF7LGvxAAAAqJZtgRuWbY\nEbAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH1Zk94FK+LGSGNA\n6H3IJdeUTHkI30zKH3gIknWuKB\/zr3eBz3QeZqEhHmgwYfCWoyhLuQqtHD7gqnGqwXssa\/\nEAAAAgBzKpRmMyXZ4jnSt3ARz0ul6R79AXAr5gQqDAmoFeEKwAAAAOYWpAYm93aWUubG9j\nYWwBAg==\n-----END OPENSSH PRIVATE KEY-----","label":"Password Or Key","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}}]}},"name":"Tenant Onboarding with IDP_new"},"api_version":"3.0","metadata":{"last_update_time":"1688975952555998","kind":"runbook","spec_version":49,"creation_time":"1688710214221539","name":"Tenant Onboarding with IDP_new"}} \ No newline at end of file +{"status":{},"contains_secrets":true,"product_version":"3.7.2.1","spec":{"description":"","resources":{"endpoints_information":[],"endpoint_definition_list":[],"client_attrs":{},"credential_definition_list":[],"runbook":{"task_definition_list":[{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[{"kind":"app_task","name":"Precheck Validation"},{"kind":"app_task","name":"Generate Tenant UID"},{"kind":"app_task","name":"Create Categories"},{"kind":"app_task","name":"Create IDP"},{"kind":"app_task","name":"Create External Subnet"},{"kind":"app_task","name":"Create VPC"},{"kind":"app_task","name":"Create Overlay Subnet"},{"kind":"app_task","name":"Create Project"},{"kind":"app_task","name":"Create Tunnel for VPC"},{"kind":"app_task","name":"Set Quota"},{"kind":"app_task","name":"Create Environment"},{"kind":"app_task","name":"Update Project"},{"kind":"app_task","name":"Create Protection Policy"}],"name":"8ee0af0e_dag","attrs":{"edges":[{"from_task_reference":{"kind":"app_task","name":"Precheck Validation"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Generate Tenant UID"}},{"from_task_reference":{"kind":"app_task","name":"Create External Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Categories"}},{"from_task_reference":{"kind":"app_task","name":"Create Environment"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Update Project"}},{"from_task_reference":{"kind":"app_task","name":"Set Quota"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Environment"}},{"from_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Set Quota"}},{"from_task_reference":{"kind":"app_task","name":"Create IDP"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create External Subnet"}},{"from_task_reference":{"kind":"app_task","name":"Generate Tenant UID"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create IDP"}},{"from_task_reference":{"kind":"app_task","name":"Create Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Tunnel for VPC"}},{"from_task_reference":{"kind":"app_task","name":"Create Overlay Subnet"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Project"}},{"from_task_reference":{"kind":"app_task","name":"Update Project"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"Create Protection Policy"}}],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Precheck Validation","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\nmgmt_pc_username = \"@@{prism_central_username}@@\".strip()\nmgmt_pc_password = \"@@{management_pc_password}@@\".strip()\nskip_delete = False\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_cluster_details(cluster_name):\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n print(\"cluster_uuid={}\".format(_cluster['metadata']['uuid']))\n return str(_cluster['metadata']['uuid'])\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name, cluster_uuid): \n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_subnet_uuid(subnet, delete=False):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\", \"filter\":\"name==%s\"%subnet},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(subnet, PC_IP))\n skip_delete = True\n if not delete:\n exit(1)\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one subnets with name - %s on - %s\"%(subnet, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching subnet details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef get_subnet_details(_uuid):\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/%s\"%_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching project subnet details.\")\n print(data.json().get('message_list',\\\n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"project_subnet_address={}\".format(data.json()['spec']\\\n ['resources']['ip_config']['pool_list'][0]['range'].split( )[-1]))\n \ndef _get_vpc_uuid(vpc_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/vpcs\/list\")\n data = requests.post(url, json={\"kind\":\"vpc\", \"filter\":\"name==%s\"%vpc_name},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(vpc_name, PC_IP))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one VPC's with name - %s on - %s\"%(vpc_name, PC_IP))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching VPC details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_project_uuid(project_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/projects\/list\", host = \"localhost\")\n data = requests.post(url, json={\"kind\":\"project\", \"filter\":\"name==%s\"%project_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s not present on %s\"%(project_name, \"Management PC\"))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one projects with name - %s on - %s\"%(project_name, \"Management PC\"))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n return data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"Error while fetching project details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_tunnel_uuid(tunnel_name):\n global skip_delete\n tunnel_state = [\"CONNECTING\",\"NOT_VALIDATED\" ]\n url = _build_url(scheme=\"https\",resource_type=\"\/tunnels\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"tunnel\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n elif data.json()['metadata']['total_matches'] > 1:\n print(\"There are more than one tunnel with name - %s\"%(tunnel_name))\n print(\"Please delete it manually before executing runbook.\")\n exit(1)\n elif data.json()['entities'][0]['status']['state'] in tunnel_state:\n print(\"tunnel is in NOT_VALIDATED,Please delete it manually before executing runbook.\")\n exit(1)\n else:\n skip_delete = False\n tunnel_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return tunnel_uuid\n else:\n print(\"Error while fetching tunnel details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef _get_network_group_uuid(tunnel_name):\n global skip_delete\n url = _build_url(scheme=\"https\",resource_type=\"\/network_groups\/list\",host=\"localhost\")\n data = requests.post(url, json={\"kind\": \"network_group\",\"filter\":\"name==%s\"%tunnel_name},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()['metadata']['total_matches'] == 0:\n print(\"%s does not exist\"%(tunnel_name))\n skip_delete = True\n else:\n skip_delete = False\n group_uuid = data.json()['entities'][0]['status']['resources']['uuid']\n return group_uuid\n else:\n print(\"Error while fetching network group details :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef delete_project_environment(project_name):\n print(\"Fetching project environments information...\")\n project_name = project_name.strip()\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/list\")\n data = requests.post(url, json={\"kind\":\"environment\"},\n auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n uuid_list = []\n if data.ok:\n if data.json()[\"metadata\"] > 0:\n for _env in data.json()[\"entities\"]:\n if \"project_reference\" in _env[\"metadata\"].keys():\n if _env[\"metadata\"][\"project_reference\"][\"name\"] == project_name:\n uuid_list.append(_env[\"metadata\"][\"uuid\"])\n else:\n print(\"Info : No environment found on localhost\")\n else:\n print(\"Failed to fetch environment details.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n for _uuid in uuid_list:\n url = _build_url(scheme=\"https\", host=\"localhost\",resource_type=\"\/environments\/%s\"%_uuid)\n data = requests.delete(url,auth=HTTPBasicAuth(mgmt_pc_username, \n mgmt_pc_password),\n timeout=None, verify=False)\n if data.ok:\n if \"Environment with uuid %s deleted\"%_uuid not in data.json()[\"description\"]:\n print(\"Failed to project environment.\",data.json())\n exit(1)\n else:\n print(\"Error while deleting project environment.\")\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \n if uuid_list != []:\n print(\"%s Project environment with %s uuid's deleted successfully.\"%(project_name, uuid_list))\n\ndef wait_for_completion(data):\n if data.ok:\n state = data.json().get('status', None).get('state', None)\n while state == \"DELETE_PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json().get('status', None) in ['DELETE_PENDING']:\n state = 'DELETE_PENDING'\n sleep(5) \n elif responce.json().get('status', None) == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\" \n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_ip(IP):\n ip_list = IP.split(\".\")\n gatewat_digit = int(ip_list[-1]) + 1\n start_digit = gatewat_digit + 1\n end_digit = start_digit + 50\n gateway_ip = ip_list[:3]\n gateway_ip.append(str(gatewat_digit))\n gateway_ip = \".\".join(gateway_ip)\n start_ip = ip_list[:3]\n start_ip.append(str(start_digit))\n start_ip = \".\".join(start_ip)\n end_ip = ip_list[:3]\n end_ip.append(str(end_digit))\n end_ip = \".\".join(end_ip)\n return (gateway_ip, start_ip, end_ip)\n \nexternal_subnet_items = {}\nvpc_items = {}\noverlay_subnet_items = {}\nproject_items = {}\nidp_items = {}\naccount_items = {}\ntunnel_items = {}\n\ntenant = \"@@{tenant_name}@@\".strip()\ncluster = \"@@{cluster_name}@@\".strip()\ncluter_uuid = _get_cluster_details(cluster)\nexternal_subnet = \"@@{external_subnet_ip}@@\".strip()\nexternal_subnet_ip, external_subnet_prefix= external_subnet.split(\"\/\")\nexternal_subnet_items['name'] = \"@@{tenant_name}@@_External_Subnet\"\nexternal_subnet_items['cluster'] = cluster\nexternal_subnet_items['enable_nat'] = @@{external_subnet_nat}@@\nexternal_subnet_items['virtual_switch_name'] = \"@@{virtual_switch}@@\".strip()\n_uuid = _get_virtual_switch_uuid(external_subnet_items['virtual_switch_name'], cluter_uuid)\nexternal_subnet_items['gateway_ip'] = \"@@{external_subnet_gateway_ip}@@\".strip()\nexternal_subnet_items['network_ip'] = external_subnet_ip\nexternal_subnet_items['prefix'] = int(external_subnet_prefix)\nIP_POOL = \"@@{external_subnet_ip_pool}@@\".strip().split(\"-\")\nexternal_subnet_items['ip_pools'] = {\"range\":\"%s %s\"%(IP_POOL[0],IP_POOL[1])}\n\nvpc_items['name'] = \"@@{tenant_name}@@_VPC\"\nvpc_items['external_subnet_name'] = external_subnet_items['name']\ntunnel_items['name'] = \"@@{tenant_name}@@_VPC_Tunnel\"\n\noverlay_subnet = \"@@{overlay_subnet_ip}@@\".strip()\noverlay_subnet_ip, overlay_subnet_prefix = overlay_subnet.split(\"\/\")\noverlay_subnet_items['subnet_name'] = \"@@{tenant_name}@@_Overlay_Subnet\"\noverlay_subnet_items['vpc_name'] = vpc_items['name']\noverlay_subnet_items['network_ip'] = overlay_subnet_ip\noverlay_subnet_items['prefix'] = int(overlay_subnet_prefix)\noverlay_subnet_items['gateway_ip'] = \"@@{overlay_subnet_gateway_ip}@@\".strip()\nIP = _get_ip(overlay_subnet_ip)\noverlay_subnet_items['ip_pool'] = [{\"ip_pools_start_ip\":IP[1], \n \"ip_pools_end_ip\":IP[2]}]\nprint(\"project_subnet_address={}\".format(IP[2]))\n\nidp_items['name'] = \"Tenant_{}_IDP\".format(\"@@{tenant_name}@@\".strip())\n#idp_items['metadata'] = \"@@{idp_metadata}@@\".strip()\n\nadmin_user = \"@@{project_admin_user}@@\".strip()\nproject_subnet_uuid = \"\"\nproject_items['name'] = \"{}_project\".format(tenant)\nproject_items['tenant_users'] = [{\"admin\": [\"{}\".format(admin_user)]}]\nproject_items['accounts'] = \"@@{account_name}@@\".strip()\nproject_items['allow_collaboration'] = False\n#project_subnet = \"@@{project_subnet_uuid}@@\"\n#get_subnet_details(project_subnet)\n#print(\"project_subnet_uuid={}\".format(project_subnet))\n#project_items['subnets'] = [\"{}\".format(project_subnet)]\nproject_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\naccount_items['cluster'] = cluster\naccount_items['quotas'] = [{'storage_gb':@@{project_disk_size}@@,\n 'mem_gb':@@{project_memory}@@,\n 'vcpu':@@{project_vcpu}@@}]\n\nprint(\"external_subnet_items={}\".format(external_subnet_items))\nprint(\"vpc_items={}\".format(vpc_items))\nprint(\"overlay_subnet_items={}\".format(overlay_subnet_items))\nprint(\"project_items={}\".format(project_items))\nprint(\"idp_items={}\".format(idp_items))\nprint(\"account_items={}\".format(account_items))\nprint(\"Tunnel_items={}\".format(tunnel_items))\n\n\ndef _delete(type, uuid, **params):\n if(params.get(\"host\",None)):\n host = params['host']\n else:\n host = PC_IP\n url = _build_url(scheme=\"https\",host=host,resource_type=\"\/%s\/%s\"%(type,uuid))\n if(params.get(\"username\",None)):\n user_name = params['username']\n else:\n user_name = pc_username\n\n if(params.get(\"password\",None)):\n pass_word = params['password']\n else:\n pass_word = pc_password\n \n data = requests.delete(url, auth=HTTPBasicAuth(user_name, pass_word),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Failed to delete existing %s with uuid %s.\"%(type, uuid))\n print(\"Error :- \",data.json())\n exit(1)\n else:\n wait_for_completion(data)\n \nif \"@@{delete_existing}@@\".lower() == \"yes\":\n _group_uuid = _get_network_group_uuid(tunnel_name=tunnel_items['name'])\n _tunnel_uuid = _get_tunnel_uuid(tunnel_name=tunnel_items['name'])\n if skip_delete == False:\n _delete(type=\"network_groups\/{}\/tunnels\".format(_group_uuid),uuid=_tunnel_uuid, username=mgmt_pc_username, password=mgmt_pc_password, host = \"localhost\")\n sleep(5)\n \n _uuid = _get_project_uuid(project_items['name'])\n\n if skip_delete == False:\n delete_project_environment(project_items['name'])\n _delete(type=\"projects\", uuid=_uuid, host=\"localhost\", username=mgmt_pc_username, password=mgmt_pc_password)\n \n _uuid = _get_subnet_uuid(subnet=overlay_subnet_items['subnet_name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_vpc_uuid(vpc_items['name'])\n if skip_delete == False:\n _delete(type=\"vpcs\", uuid=_uuid)\n sleep(5)\n \n _uuid = _get_subnet_uuid(subnet=external_subnet_items['name'], delete=True)\n if skip_delete == False:\n _delete(type=\"subnets\", uuid=_uuid)","eval_variables":["external_subnet_items","vpc_items","overlay_subnet_items","project_items","idp_items","account_items","cluster_uuid","project_subnet_uuid","project_subnet_address"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Generate Tenant UID","attrs":{"exit_status":[],"script":"uid = uuid.uuid4()\nprint(\"UID={}\".format({\"tenant_uuid\":'%s'%uid}))\n","eval_variables":["UID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Categories","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\n\ntenant = @@{UID}@@\nCategoryName = \"TenantName\"\nvalue = \"@@{tenant_name}@@\".strip()\ndescription = \"Tenant Onboarding category for %s\"%value\n\nbase_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/categories'.format(PC_IP)\npayload = {\n \"name\": CategoryName,\n \"description\": description,\n# \"capabilities\": {\n# \"cardinality\": 64\n# }\n }\n\napi_url = base_url + '\/' + CategoryName\n\nr = requests.put(api_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif not r.ok:\n print(\"PUT request failed\", r.content)\n exit(1)\n\nbatch_url = \"https:\/\/{}:9440\/api\/nutanix\/v3\/batch\".format(PC_IP)\n\npayload = {\"action_on_failure\":\"CONTINUE\",\n \"execution_order\":\"NON_SEQUENTIAL\",\n \"api_request_list\":[\n {\n \"operation\":\"PUT\",\n \"path_and_params\":\"\/api\/nutanix\/v3\/categories\/{}\/{}\".format(CategoryName, value),\n \"body\":{\n \"value\":value,\n \"description\":description\n }\n }\n ],\n \"api_version\":\"3.0\"}\n\nr = requests.post(batch_url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\nif r.ok:\n print(\"Category created: {}\".format(CategoryName))\n print(\"category_details={}\".format(r.content))\nelse:\n print(\"Failed to create category - %s\"%CategoryName)\n print(r.content)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create IDP","attrs":{"exit_status":[],"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username =\"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\n#roles = ROLE_CLUSTER_VIEWER, ROLE_USER_ADMIN, ROLE_CLUSTER_ADMIN\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json().get('status', None).get('state', None)\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef get_spec():\n return ({\n \"spec\":{\n \"name\":\"@@{idp_name}@@\",\n \"resources\":{\n \"idp_metadata\":\"\"}},\n \"metadata\":{\n \"kind\":\"identity_provider\"\n },\n \"api_version\":\"3.1.0\"\n })\n\ndef identity_providers():\n payload = get_spec()\n payload[\"spec\"][\"resources\"][\"idp_metadata\"] = \"\"\"@@{idp_metadata}@@\"\"\"\n url = _build_url(scheme=\"https\",\n resource_type=\"\/identity_providers\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n print(\"======================================\")\n print(payload)\n print(data.json())\n wait_for_completion(data)\n\n idp_uuid = data.json()[\"metadata\"][\"uuid\"]\n print(\"idp_details={}\".format({\"name\":\"@@{idp_name}@@\",\n \"uuid\":idp_uuid}))\n return idp_uuid\n \n \ndef create_role_mapping(idp_uuid):\n query_string = \"&entityType=USER&role=ROLE_CLUSTER_VIEWER\"\n url = \"https:\/\/%s:9440\/PrismGateway\/services\/rest\/v1\/\"\\\n \"authconfig\/identity_providers\/%s\/role_mappings?%s\"%(PC_IP,\n idp_uuid,\n query_string)\n payload = {\"role\":\"ROLE_CLUSTER_VIEWER\",\"entityType\":\"USER\",\n \"idpUuid\":idp_uuid,\n \"entityValues\":[\"idpuser10@calmsaastest.com\"]}\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error :- \",data.json())\n exit(1)\n print(data.json())\n\nidp_details = {}\nurl = _build_url(scheme=\"https\",\n resource_type=\"\/identity_providers\/list\")\ndata = requests.post(url, json={\"kind\": \"identity_provider\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\ntotal_match = data.json()[\"metadata\"]['total_matches']\nif total_match > 0:\n for x in data.json()['entities']:\n if x['status']['resources']['idp_properties']['idp_url'] in '''@@{idp_metadata}@@''':\n idp_details[\"uuid\"] = x['metadata']['uuid']\n idp_details['name'] = x['status']['name']\n\nparams = set\nif not idp_details.get('uuid',None):\n idp_uuid = identity_providers()\n idp_details['idp_uuid'] = idp_uuid\n idp_details['name'] = \"Tenant_{}_IDP\".format(\"@@{tenant_name}@@\".strip())\n #create_role_mapping(idp_uuid)\nprint(\"idp_details={}\".format(idp_details))","eval_variables":["idp_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create External Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_cluster_details(cluster_name):\n cluster_details = {'kind':'cluster'}\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n cluster_details['uuid'] = str(_cluster['metadata']['uuid'])\n return cluster_details\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef _get_virtual_switch_uuid(virtual_switch_name):\n cluster = \"@@{cluster_name}@@\".strip()\n _cluster = _get_cluster_details(cluster)\n cluster_uuid = _cluster['uuid']\n payload = {\"entity_type\": \"distributed_virtual_switch\", \n \"filter\": \"name==%s\"%virtual_switch_name}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/groups\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n verify=False)\n if data.ok:\n _uuid = data.json()['group_results'][0]['entity_results'][0]['entity_id']\n _url = \"https:\/\/%s:9440\/api\/networking\/v2.a1\/dvs\/virtual-switches\/%s?proxyClusterUuid=%s\"%(PC_IP,\n _uuid,\n cluster_uuid)\n _data = requests.get(_url, auth=HTTPBasicAuth(pc_username, pc_password),verify=False)\n if _data.json()['data']['name'] == virtual_switch_name:\n print(\"virtual switch uuid ----> \",_uuid)\n return str(_uuid)\n else:\n print(\"Input Error :- %s virtual switch not present on %s\"%(virtual_switch_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching virtual switch details :- \",data.json().get('message_list',\n data.json().get('error_detail', \n data.json())))\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n pools.append(params[\"ip_pools\"])\n ipam_spec[\"pool_list\"] = pools\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef create_external_subnet(**params):\n params['ipam_spec'] = _get_ipam_spec(**params)\n cluster_details = _get_cluster_details(cluster_name=params['cluster_name'])\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"VLAN\"\n payload[\"spec\"][\"resources\"][\"vlan_id\"] = params['vlan_id']\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n payload[\"spec\"][\"cluster_reference\"] = cluster_details\n if params['enable_nat'] == False:\n switch_details = _get_virtual_switch_uuid(params['virtual_switch_name'])\n payload[\"spec\"][\"resources\"][\"virtual_switch_uuid\"] = switch_details\n payload[\"spec\"][\"resources\"][\"is_external\"] = True\n payload[\"spec\"][\"resources\"][\"enable_nat\"] = params['enable_nat']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\")\n while True:\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n if data.ok:\n task_uuid = wait_for_completion(data=data, vlan_id=params['vlan_id'])\n if task_uuid == {}:\n _uuid = data.json()['metadata']['uuid']\n _name = params['name']\n else:\n _uuid = task_uuid[\"uuid\"]\n _name = task_uuid[\"name\"]\n return {\"uuid\": _uuid, \"name\": _name}\n\n elif \"subnet exists with vlan id\" in str(data.json()).lower():\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == params['vlan_id']:\n return {\"uuid\":_subnet['metadata']['uuid'], \"name\":_subnet[\"spec\"][\"name\"]}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%params['vlan_id'])\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Failed to create external subnet ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\ndef wait_for_completion(data, vlan_id=None):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING','QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n if \"subnet exists with vlan id\" in str(responce.json()).lower():\n print(\"Another external subnet exist with sam VLAN ID, fetching details..\")\n _url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n _data = requests.post(_url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username,pc_password),\n verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] > 0:\n for _subnet in _data.json()['entities']:\n if \"vlan_id\" not in _subnet['spec']['resources'].keys():\n continue\n if _subnet['spec']['resources']['vlan_id'] == vlan_id:\n return {'uuid':_subnet['metadata']['uuid'],\"name\":_subnet['spec']['name']}\n print(\"Error :- No subnet found on host with VLAN ID %s\"%vlan_id)\n exit(1)\n else:\n print(\"Error :- No subnet found on host\")\n exit(1)\n else:\n print(\"Error while fetching external subnet details.\")\n print(data.json().get('message_list', data.json().get('error_detail', data.json())))\n exit(1)\n else:\n print(\"Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n return {}\n \ndef _get_vlan_id():\n url = _build_url(scheme=\"https\",resource_type=\"\/subnets\/list\")\n data = requests.post(url, json={\"kind\":\"subnet\"},\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n if data.ok:\n vlan_id = []\n for x in data.json()['entities']:\n print(x['spec']['resources'])\n vlan_id.append(x['spec']['resources'].get('vlan_id', 0))\n id = 10\n while True:\n if id in vlan_id:\n id+=1\n else:\n break\n return id\n else:\n print(\"Error while fetching subnet list :- \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\ndef set_params():\n params_dict = @@{external_subnet_items}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n params['enable_nat'] = params_dict.get('enable_nat', False)\n params['cluster_name'] = params_dict.get('cluster', \"None\")\n params['vlan_id'] = @@{external_vlan_id}@@\n params['virtual_switch_name'] = params_dict.get('virtual_switch_name', \"None\")\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict['gateway_ip']\n params['ip_pools'] = params_dict['ip_pools']\n\nparams = {}\nset_params()\nsubnet = create_external_subnet(**params)\nprint(\"external_subnet_details={}\".format(subnet))","eval_variables":["external_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create VPC","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return(\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"vpc\", \"categories\": {}},\n \"spec\": {\n \"name\": None,\n \"resources\": {\n \"external_subnet_list\": []\n },\n },\n })\n\ndef create_vpc(**params):\n payload = _get_default_spec()\n if params['uuid'] != \"None\":\n payload[\"spec\"]['uuid'] = params['uuid']\n payload[\"spec\"]['name'] = params['name']\n if params.get(\"common_domain_name_server_ip_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"common_domain_name_server_ip_list\"] = \\\n params[\"common_domain_name_server_ip_list\"]\n payload[\"spec\"][\"resources\"][\"external_subnet_list\"] = \\\n params[\"external_subnet_list\"]\n if params.get(\"externally_routable_prefix_list\", \"None\") != \"None\":\n payload[\"spec\"][\"resources\"][\"externally_routable_prefix_list\"] = \\\n params[\"externally_routable_prefix_list\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password ),\n timeout=None, verify=False)\n \n if not data.ok:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n else:\n task_uuid = wait_for_completion(data)\n vpc = {\"name\": params['name'], \n \"uuid\":data.json()['metadata']['uuid'],\n \"create_vpc_task_uuid\": task_uuid}\n create_static_route(vpc[\"uuid\"])\n return vpc\n \ndef _get_route_spec(vpc_uuid, subnet_uuid,subnet_name):\n ip_prefix = \"0.0.0.0\/0\"\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n if data.ok:\n responce = data.json()\n del responce[\"status\"]\n for x in [\"last_update_time\",\"creation_time\",\"spec_hash\",\"categories_mapping\",\"owner_reference\",\"categories\"]:\n if x in responce[\"metadata\"].keys():\n del responce[\"metadata\"][x]\n else:\n print(\"Error while fetching VPCs static route details.\")\n exit(1)\n static_route = {\"nexthop\": {\n \"external_subnet_reference\": {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n },\n \"destination\": ip_prefix}\n responce[\"spec\"][\"resources\"][\"static_routes_list\"].append(static_route)\n return responce\n\ndef create_static_route(vpc_uuid):\n subnet = @@{external_subnet_details}@@\n subnet_uuid = subnet[\"uuid\"]\n subnet_name = subnet[\"name\"]\n payload = _get_route_spec(vpc_uuid, subnet_uuid, subnet_name)\n url = _build_url(scheme=\"https\",\n resource_type=\"\/vpcs\/%s\/route_tables\"%vpc_uuid)\n data = requests.put(url, json=payload, \n auth=HTTPBasicAuth(pc_username, pc_password), verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid']\n\ndef set_params():\n params = {}\n print(\"##### creating VPC #####\")\n params_dict = @@{vpc_items}@@\n ext_subnet = @@{external_subnet_details}@@\n params['name'] = params_dict['name']\n params['uuid'] = params_dict.get('uuid', \"None\")\n if params_dict.get(\"dns_servers\", \"None\") != \"None\":\n params[\"common_domain_name_server_ip_list\"] = [{}]\n params[\"common_domain_name_server_ip_list\"][0]['ip'] = \\\n params_dict.get('dns_servers', 'None')\n params[\"external_subnet_list\"] = [{}]\n if params_dict.get(\"externally_routable_ip\", \"None\") != \"None\":\n params[\"externally_routable_prefix_list\"] = [{}]\n params[\"externally_routable_prefix_list\"][0][\"ip\"] = \\\n params_dict[\"externally_routable_ip\"]\n params[\"externally_routable_prefix_list\"][0][\"prefix_length\"] = \\\n params_dict[\"externally_routable_ip_prefix\"]\n \n if params_dict.get(\"external_subnet_name\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"] = {}\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"kind\"] = \"subnet\"\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"name\"] = \\\n params_dict[\"external_subnet_name\"]\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = ext_subnet[\"uuid\"]\n \n if params_dict.get(\"external_subnet_uuid\", \"None\") != \"None\":\n params[\"external_subnet_list\"][0][\"external_subnet_reference\"][\"uuid\"] = \\\n params_dict['external_subnet_uuid']\n return params\nparams = set_params()\nvpc_details = create_vpc(**params)\nprint(\"vpc_details={}\".format(vpc_details))","eval_variables":["vpc_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Overlay Subnet","attrs":{"exit_status":[],"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"subnet\"},\n \"spec\": {\n \"name\": \"\",\n \"resources\": {\n \"ip_config\": {},\n \"subnet_type\": None,\n },\n },\n }\n )\n\ndef _get_ipam_spec(**params):\n ipam_spec = {}\n if params['set_ipam'] == 'yes':\n ipam_spec = _get_default_ipconfig_spec()\n ipam_config = params[\"ipam\"]\n ipam_spec[\"subnet_ip\"] = ipam_config[\"network_ip\"]\n ipam_spec[\"prefix_length\"] = ipam_config[\"network_prefix\"]\n ipam_spec[\"default_gateway_ip\"] = ipam_config[\"gateway_ip\"]\n pools = []\n for ip_pools in params['ip_pool']:\n pools.append({\"range\": \"%s %s\"%(ip_pools['ip_pools_start_ip'], \n ip_pools['ip_pools_end_ip'])}) \n ipam_spec[\"pool_list\"] = pools\n if \"dhcp_options\" in ipam_config:\n dhcp_spec = _get_default_dhcp_spec()\n dhcp_config = ipam_config[\"dhcp_options\"]\n if dhcp_config['domain_name_server_list'] != 'None': \n dhcp_spec[\"domain_name_server_list\"] = dhcp_config[\"domain_name_server_list\"]\n if dhcp_config[\"domain_search_list\"] != 'None':\n dhcp_spec[\"domain_search_list\"] = dhcp_config[\"domain_search_list\"]\n if dhcp_config[\"domain_name\"] != 'None':\n dhcp_spec[\"domain_name\"] = dhcp_config[\"domain_name\"]\n if dhcp_config[\"boot_file_name\"] != 'None':\n dhcp_spec[\"boot_file_name\"] = dhcp_config[\"boot_file_name\"]\n if dhcp_config[\"tftp_server_name\"] != 'None':\n dhcp_spec[\"tftp_server_name\"] = dhcp_config[\"tftp_server_name\"]\n ipam_spec[\"dhcp_options\"] = dhcp_spec\n return ipam_spec\n\ndef _get_default_ipconfig_spec():\n return (\n {\n \"subnet_ip\": None,\n \"prefix_length\": None,\n \"default_gateway_ip\": None,\n \"pool_list\": [],\n }\n )\n\ndef _get_default_dhcp_spec():\n return (\n {\n \"domain_name_server_list\": [],\n \"domain_search_list\": [],\n \"domain_name\": \"\",\n \"boot_file_name\": \"\",\n \"tftp_server_name\": \"\",\n }\n )\n\ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n return data.json()['status']['execution_context']['task_uuid'] \n \ndef create_overlay_subnet():\n params = {}\n print(\"##### Creating Overlay Subnets #####\")\n params_dict = @@{overlay_subnet_items}@@\n params['vpc_name'] = params_dict.get('vpc_name', 'None')\n params['ipam'] = {}\n params['set_ipam'] = \"yes\"\n params['ipam']['network_ip'] = params_dict.get('network_ip', 'None')\n params['ipam']['network_prefix'] = params_dict.get('prefix', 'None')\n params['ipam']['gateway_ip'] = params_dict.get('gateway_ip', 'None')\n params['ip_pool'] = params_dict['ip_pool']\n params['dhcp'] = params_dict.get('dhcp', 'None')\n params['ipam']['dhcp_options'] = {}\n params['ipam']['dhcp_options']['domain_name_server_list'] = params_dict.get('dns_servers', 'None')\n params['ipam']['dhcp_options']['domain_search_list'] = params_dict.get('domain_search', 'None')\n params['ipam']['dhcp_options']['domain_name'] = params_dict.get('domain_name', 'None')\n params['ipam']['dhcp_options']['boot_file_name'] = params_dict.get('boot_file', \"None\")\n params['ipam']['dhcp_options']['tftp_server_name'] = params_dict.get('tftp_server', \"None\")\n \n payload = _get_default_spec()\n if params_dict.get('vpc_name', 'None') != 'None':\n vpc_details = @@{vpc_details}@@\n params['vpc_reference'] = {\"kind\": \"vpc\", \"uuid\": vpc_details[\"uuid\"]}\n payload[\"spec\"][\"resources\"][\"vpc_reference\"] = params['vpc_reference']\n payload[\"spec\"]['name'] = params_dict['subnet_name']\n payload[\"spec\"][\"resources\"][\"subnet_type\"] = \"OVERLAY\"\n \n if params_dict.get('network_ip', 'None') != 'None':\n params['ipam_spec'] = _get_ipam_spec(**params)\n print(\"Overlay Subnet IP range - %s\"%params['ip_pool'])\n payload[\"spec\"][\"resources\"][\"ip_config\"] = params['ipam_spec']\n\n\n url = _build_url(scheme=\"https\",\n resource_type=\"\/subnets\") \n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n task_uuid = wait_for_completion(data)\n details = {\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params_dict['subnet_name'],\n \"create_subnet_task_uuid\": task_uuid}\n print(\"overlay_subnet_details={}\".format(details))\ncreate_overlay_subnet()","eval_variables":["overlay_subnet_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Project","attrs":{"exit_status":[],"script":"# script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nROLE_ADMIN = \"Project Admin\"\nROLE_OPERATOR = \"Operator\"\nROLE_DEVELOPER = \"Developer\"\nROLE_CONSUMER = \"Consumer\"\nROOT_OU = 'tenants'\n\nPC_IP = \"localhost\"\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef get_role_uuid(role_name):\n api_url = 'https:\/\/{}:9440\/api\/nutanix\/v3\/roles\/list'.format(PC_IP)\n payload = {\n 'filter': 'name=={}'.format(role_name),\n 'kind': 'role',\n 'offset': 0\n }\n r = requests.post(api_url, json=payload, \n auth=HTTPBasicAuth(management_username, management_password), \n timeout=None, verify=False)\n result = json.loads(r.content)\n if result.get('entities', 'None') != 'None':\n return result['entities'][0]['metadata']['uuid']\n else:\n print(\"Error :- {}\".format(r.content))\n exit(1)\n\ndef get_project_specs(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n return data.json()\n else:\n print(data.json())\n \ndef get_spec(role_uuid,user_uuid,user_name,idp_uuid,account_uuid,subnet_uuid,vpc_uuid,project_name,project_uuid,subnet_name):\n project_specs = get_project_specs(project_uuid)\n collection = \"ALL\"\n if \"@@{allow_collaboration}@@\".lower() == \"false\":\n collection = \"SELF_OWNED\"\n external_network = []\n subnet_reference = []\n if \"@@{account_name}@@\".strip() == \"NTNX_LOCAL_AZ\":\n subnet_reference = [\n {\n \"kind\": \"subnet\",\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n else:\n external_network = [\n {\n \"name\": subnet_name,\n \"uuid\": subnet_uuid\n }\n ]\n \n return ({\n \"spec\": {\n \"access_control_policy_list\": [\n {\n \"acp\": {\n \"name\": \"ADMIN-ACP-@@{calm_now}@@\",\n \"resources\": {\n \"role_reference\": {\n \"name\": \"Project Admin\",\n \"uuid\": role_uuid,\n \"kind\": \"role\"\n },\n \"user_group_reference_list\": [],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"filter_list\": {\n \"context_list\": [\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"ALL\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n }\n ]\n },\n {\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"image\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"identity_provider\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"directory_service\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"custom_provider\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"virtual_network\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"resource_type\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"role\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n },\n \"left_hand_side\": {\n \"entity_type\": \"project\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"user_group\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"app_icon\"\n }\n },\n {\n \"operator\": \"IN\",\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n },\n \"left_hand_side\": {\n \"entity_type\": \"category\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_task\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"app_variable\"\n },\n \"right_hand_side\": {\n \"collection\": \"SELF_OWNED\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"vm_recovery_point\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"cluster\"\n },\n \"right_hand_side\": {\n \"uuid_list\": [\"@@{cluster_uuid}@@\"]\n }\n }\n ]\n },\n {\n \"scope_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": \"PROJECT\",\n \"right_hand_side\": {\n \"uuid_list\": [\n project_uuid\n ]\n }\n }\n ],\n \"entity_filter_expression_list\": [\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"blueprint\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"environment\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n },\n {\n \"operator\": \"IN\",\n \"left_hand_side\": {\n \"entity_type\": \"marketplace_item\"\n },\n \"right_hand_side\": {\n \"collection\": \"ALL\"\n }\n }\n ]\n }\n ]\n }\n },\n \"description\": \"project admin acp @@{calm_now}@@\"\n },\n \"metadata\": {\n \"kind\": \"access_control_policy\"\n },\n \"operation\": \"ADD\"\n }\n ],\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {\n \"external_network_list\": external_network,\n \"account_reference_list\": [\n {\n \"kind\": \"account\",\n \"uuid\": account_uuid\n }\n ],\n \"user_reference_list\": [\n {\n \"name\": user_name,\n \"kind\": \"user\",\n \"uuid\": user_uuid\n }\n ],\n \"default_subnet_reference\": {\n \"kind\": \"subnet\",\n \"uuid\": subnet_uuid\n },\n \"vpc_reference_list\": [\n {\n \"kind\": \"vpc\",\n \"uuid\": vpc_uuid\n }\n ],\n \"tunnel_reference_list\": [],\n \"external_user_group_reference_list\": [],\n \"subnet_reference_list\": subnet_reference,\n \"resource_domain\": {},\n \"cluster_reference_list\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": \"@@{cluster_uuid}@@\"\n }\n ],\n \"environment_reference_list\": []\n },\n \"description\": \"Tenant Onboarding Project\"\n },\n \"user_list\": [],\n \"user_group_list\": []\n },\n \"api_version\": project_specs[\"api_version\"],\n \"metadata\": {\n \"kind\": \"project\",\n \"uuid\":project_uuid,\n \"spec_version\":project_specs[\"metadata\"][\"spec_version\"]\n }})\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef _get_default_spec():\n return (\n {\n \"api_version\": \"3.1.0\",\n \"metadata\": {\"kind\": \"project\"},\n \"spec\": {\n \"project_detail\" : {\n \"name\": \"\",\n \"resources\": {}\n }\n }\n }\n )\n \ndef _get_user_spec():\n return ({\n \"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\" : \"user\"\n },\n \"spec\": {\n \"resources\": {}\n }\n })\ndef is_user_exist_in_pc(user):\n _url = _build_url(scheme=\"https\",resource_type=\"\/users\/list\") \n _data = requests.post(_url, json={\"kind\":\"user\", \"filter\":\"username==%s\"%user},\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False)\n if _data.ok:\n if _data.json()['metadata']['total_matches'] == 1:\n return _data.json()['entities'][0]['metadata']['uuid']\n elif _data.json()['metadata']['total_matches'] > 1:\n print(\"Found more than one user with samename in PC\")\n exit(1)\n else:\n return None\n else:\n print(\"Error while Fetching user details----> \",_data.json())\n exit(1)\n\ndef get_user_uuid(user, **params):\n\n user_uuid = is_user_exist_in_pc(user)\n if not user_uuid:\n payload = _get_user_spec() \n ad = @@{idp_details}@@\n payload['spec']['resources']['identity_provider_user'] = {}\n payload['spec']['resources']['identity_provider_user']\\\n ['username'] = user.strip()\n\n payload['spec']['resources']['identity_provider_user']\\\n ['identity_provider_reference'] = {}\n payload['spec']['resources']['identity_provider_user']\\\n ['identity_provider_reference']['kind'] = \"identity_provider\"\n payload['spec']['resources']['identity_provider_user']\\\n ['identity_provider_reference']['uuid'] = ad[\"uuid\"]\n \n url = _build_url(scheme=\"https\",resource_type=\"\/users\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, \n management_password),\n timeout=None, verify=False)\n\n if data.ok:\n wait_for_completion(data)\n return data.json()['metadata']['uuid']\n else:\n print(\"Error while Creating user details----> \",data.json())\n exit(1)\n else:\n return user_uuid\n \n # url = _build_url(scheme=\"https\",\n # resource_type=\"\/idempotence_identifiers\/salted\")\n # payload = {\"name_list\":[user]}\n # data = requests.post(url, json=payload,\n # auth=HTTPBasicAuth(management_username, management_password),\n # timeout=None, verify=False) \n # if data.ok:\n # _uuid = data.json()[\"name_uuid_list\"][0][user]\n # print(\"user_uuid----> %s\"%_uuid)\n # return _uuid\n # else:\n # print(\"Error while fetching user details :- \",data.json())\n # exit(1)\n \ndef create_empty_project(project_name):\n payload = {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"project\"\n },\n \"spec\": {\n \"project_detail\": {\n \"name\": project_name,\n \"resources\": {}\n },\n \"user_list\": [],\n \"user_group_list\": [],\n \"access_control_policy_list\": []\n }\n }\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n return data.json()[\"metadata\"][\"uuid\"]\n \ndef build_project(**params): \n vpc_details = @@{vpc_details}@@\n admin_role_uuid = get_role_uuid(ROLE_ADMIN)\n operator_role_uuid = get_role_uuid(ROLE_OPERATOR)\n developer_role_uuid = get_role_uuid(ROLE_DEVELOPER)\n consumer_role_uuid = get_role_uuid(ROLE_CONSUMER)\n print('ROLE_ADMIN_UUID={}'.format(admin_role_uuid))\n print('ROLE_OPERATOR_UUID={}'.format(operator_role_uuid))\n print('ROLE_DEVELOPER_UUID={}'.format(developer_role_uuid))\n print('ROLE_CONSUMER_UUID={}'.format(consumer_role_uuid))\n \n overlay_subnets = @@{overlay_subnet_details}@@\n subnet_uuid = overlay_subnets[\"uuid\"]\n subnet_name = overlay_subnets[\"name\"]\n \n account_uuid = \"\"\n if params.get('accounts', 'None') != \"None\":\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%params['accounts']},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False) \n if params['accounts'] in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == params['accounts']: \n account_uuid = new_data['metadata']['uuid']\n print(\"account_details={}\".format({\"uuid\": account_uuid}))\n else:\n print(\"Error : %s account not present on %s\"%(params['accounts'],PC_IP))\n exit(1) \n \n user_details = []\n all_users = []\n user = \"@@{project_admin_user}@@\".strip()\n user_uuid = get_user_uuid(user, **params)\n if user_uuid != \"None\":\n user_details.append({'name':user, 'uuid':user_uuid})\n print(\"user_details={}\".format(user_details))\n \n idp_uuid = @@{idp_details}@@\n\n #idp_uuid = idp['uuid']\n print(\"group_details={}\".format([]))\n vpc_uuid = @@{vpc_details}@@\n project_uuid = create_empty_project(project_name=params['name'])\n payload = get_spec(role_uuid=admin_role_uuid, \n user_uuid=user_details[0][\"uuid\"], \n user_name=user_details[0][\"name\"], \n idp_uuid=idp_uuid[\"uuid\"], \n account_uuid=account_uuid, \n subnet_uuid=subnet_uuid,\n vpc_uuid=vpc_uuid[\"uuid\"],\n project_name=params['name'],\n project_uuid=project_uuid,\n subnet_name=subnet_name)\n if params.get(\"quotas\", \"None\") != \"None\":\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {} \n resources = []\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"MEMORY\", \"limit\":mem_gb})\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n resources.append({\"resource_type\":\"STORAGE\", \"limit\":storage_gb})\n if resource.get(\"vcpu\", 0) != 0:\n resources.append({\"resource_type\":\"VCPUS\", \"limit\":resource['vcpu']})\n payload[\"spec\"][\"project_detail\"][\"resources\"][\"resource_domain\"] = {\"resources\": resources}\n \n url = _build_url(scheme=\"https\",resource_type=\"\/projects_internal\/%s\"%project_uuid)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if data.ok:\n wait_for_completion(data)\n else:\n print(\"Failed with Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \n if 'status' not in data.json():\n print(\"Project %s not created successfully.\"%params['name'])\n print(data.json())\n exit(1)\n task_uuid = data.json()['status']['execution_context']['task_uuid']\n if 'metadata' in data.json():\n print(\"project_details={}\".format({\"uuid\":data.json()['metadata']['uuid'],\n \"name\": params['name'],\n \"create_project_task_uuid\": task_uuid}))\n else:\n print(\"Project not created successfully, Check inputs and payload\")\n print(data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(management_username,management_password), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n if \"DUPLICATE_ENTITY\" not in str(data.json()):\n print(\"Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nprint(\"##### Creating a Project #####\")\nparams = @@{project_items}@@\nbuild_project(**params) ","eval_variables":["project_details","account_details","user_details","group_details","ROLE_DEVELOPER_UUID","ROLE_ADMIN_UUID","ROLE_OPERATOR_UUID","ROLE_CONSUMER_UUID"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Tunnel for VPC","attrs":{"script":"#script\n\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_user = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_account_uuid():\n account = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\", \"filter\":\"name==%s\"%account},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if account in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account: \n account_uuid = new_data['metadata']['uuid']\n return account_uuid\n else:\n print(\"Error : %s account not present on %s\"%(account,PC_IP))\n exit(1) \n \ndef get_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_user, pc_password),\n timeout=None, verify=False) \n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate Idempotence UUID.\")\n exit(1)\n \n #account_uuid = get_account_uuid()\n \n return (\n {\"api_version\": \"3.1.0\",\n \"metadata\": {\n \"kind\": \"network_group_tunnel\"\n },\n \"spec\": {\n \"resources\": {\n \"platform_vpc_uuid_list\": [\n params[\"vpc_uuid\"]\n ],\n \"tunnel_reference\": {\n \"kind\": \"tunnel\",\n \"uuid\": _uuid,\n \"name\": params[\"tunnel_name\"]\n },\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params[\"account_uuid\"]\n },\n \"tunnel_vm_spec\": {\n \"vm_name\": params[\"tunnel_name\"]+\"_\"+params[\"vpc_name\"]+\"_TunnelVM\",\n \"subnet_uuid\": params[\"overlay_subnet_uuid\"],\n \"cluster_uuid\": params[\"cluster_uuid\"]\n }\n },\n \"name\": params[\"tunnel_name\"]\n }\n })\n\ndef create_tunnel(**params):\n payload = get_spec(**params)\n url = _build_url(scheme=\"https\",\n resource_type=\"network_groups\/tunnels\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_user,pc_password),\n timeout=None, verify=False)\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = 'PENDING'\n while state == \"PENDING\":\n _uuid = data.json()[\"request_id\"]\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_user, pc_password),\n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error occured ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', \n responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"SUCCEEDED\"\n else:\n print(\"Error occured ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nvpc = @@{vpc_details}@@\n#account = @@{account_details}@@\noverlay_subnet = @@{overlay_subnet_details}@@\nparams = {\"vpc_name\" : vpc[\"name\"],\n \"vpc_uuid\" : vpc[\"uuid\"],\n \"account_name\" : \"@@{account_name}@@\".strip(),\n \"account_uuid\" : get_account_uuid(),\n \"overlay_subnet_uuid\" : overlay_subnet[\"uuid\"],\n \"cluster_uuid\" : \"@@{cluster_uuid}@@\",\n \"tunnel_name\" : \"@@{tenant_name}@@_VPC_Tunnel\"\n }\ncreate_tunnel(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Set Quota","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef cluster_details(cluster=None):\n cluster_name = \"@@{cluster_name}@@\".strip()\n if cluster != None:\n cluster_name = cluster\n payload = {\"kind\": \"cluster\"}\n url = _build_url(scheme=\"https\",\n resource_type=\"\/clusters\/list\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password), \n verify=False)\n if data.ok:\n for _cluster in data.json()['entities']:\n if _cluster['status']['name'] == cluster_name:\n return(str(_cluster['metadata']['uuid']))\n print(\"Input Error :- Given cluster %s not present on %s\"%(cluster_name, PC_IP))\n exit(1)\n else:\n print(\"Error while fetching %s cluster info\"%cluster_name)\n print(data.json().get('message_list',data.json().get('error_detail', data.json())))\n exit(1)\n \ndef add_quotas(account,**params):\n if params.get(\"quotas\", \"None\") != \"None\":\n memory = 0\n disk = 0\n vcpus = 0\n for resource in params['quotas']:\n if resource.get(\"mem_gb\", 0) != 0:\n mem_gb = resource[\"mem_gb\"] * 1024 * 1024 * 1024\n memory = mem_gb\n if resource.get(\"storage_gb\", 0) != 0:\n storage_gb = resource['storage_gb'] * 1024 * 1024 * 1024\n disk = storage_gb\n if resource.get(\"vcpu\", 0) != 0:\n vcpus = resource['vcpu']\n \n cluster_uuid = \"@@{cluster_uuid}@@\"\n project_details = @@{project_details}@@\n account_details = @@{account_details}@@\n entities = {}\n entities[\"account\"]=account_details['uuid']\n entities[\"cluster\"]=cluster_uuid\n entities[\"project\"]=project_details['uuid']\n\n if not account:\n entities = {\"project\": project_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n _uuid = data.json()['uuid_list'][0]\n payload = ({\n \"metadata\": {\n \"kind\": \"quota\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"name\": project_details['name'],\n \"uuid\": project_details['uuid']\n },\n \"uuid\": _uuid\n },\n \"spec\": {\n \"resources\": {\n \"data\": {\n \"disk\": disk,\n \"vcpu\": vcpus,\n \"memory\": memory\n },\n \"entities\": entities,\n \"metadata\": {},\n \"uuid\": _uuid\n }\n }})\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\".format(PC_IP)\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username, \n pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n else:\n print(\"Quota not set for project %s\"%project_details['name'])\n \n enable_quota_state(account_details['uuid'], project_details['uuid'])\n \ndef enable_quota_state(account, project):\n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \n payload = {\"spec\":{\n \"resources\":{\n \"entities\":{\n \"account\":account,\n \"project\":project},\n \"state\":\"enabled\"\n }\n }\n }\n \n url = \"https:\/\/{}:9440\/api\/calm\/v3.0\/quotas\/update\/state\".format(PC_IP)\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n wait_for_completion(data) \n \ndef wait_for_completion(data):\n if data.status_code in [200, 202]:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(pc_username,pc_username), \n verify=False) \n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Got Error ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n print(\"Got Error ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nif (@@{project_vcpu}@@ != 0) or (@@{project_memory}@@ != 0) or (@@{project_disk_size}@@ != 0):\n params = @@{project_items}@@\n add_quotas(account=False,**params)\n params = @@{account_items}@@\n add_quotas(account=True,**params)\nelse:\n print(\"Info : Not setting Projects Quota, All Quota values are zero.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Environment","attrs":{"exit_status":[],"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"@@{PC_IP}@@\".strip()\npc_username = \"@@{prism_central_username}@@\".strip()\npc_password = \"@@{prism_central_passwd}@@\".strip()\n\nmanagement_username = \"@@{management_pc_username}@@\".strip()\nmanagement_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_cluster_account_uuid():\n cluster_uuid = \"@@{cluster_uuid}@@\".strip()\n account_name = \"@@{account_name}@@\".strip()\n url = _build_url(scheme=\"https\",host=\"localhost\",resource_type=\"\/accounts\/list\")\n data = requests.post(url, json={\"kind\":\"account\",\"length\": 250},\n auth=HTTPBasicAuth(management_username, management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while fetching account details. -->\", data.json())\n exit(1)\n\n if account_name in str(data.json()):\n for new_data in data.json()['entities']:\n if new_data['metadata']['name'] == account_name:\n for _account in new_data[\"status\"][\"resources\"][\"data\"][\"cluster_account_reference_list\"]:\n if _account[\"resources\"][\"data\"][\"cluster_uuid\"] == cluster_uuid:\n return _account[\"uuid\"]\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n else:\n print(\"Error : %s account not present on %s\"%(account_name,PC_IP))\n exit(1)\n\ndef _get_spec():\n tenantuuid = \"@@{tenant_uuid}@@\"\n account = get_cluster_account_uuid()\n print(\"Cluster account uuid : \",account)\n project_account = @@{account_details}@@\n project = @@{project_details}@@\n vpc_details = @@{vpc_details}@@\n project_subnet = @@{overlay_subnet_details}@@\n env_memory = (@@{project_memory}@@ \/ 2) * 1024\n subnet_references = []\n\n connection_type = \"POWERSHELL\"\n connection_port = 5985\n connection_protocol = \"http\"\n if \"@@{environment_os}@@\" == \"Linux\":\n connection_type = \"SSH\"\n connection_port = 22\n connection_protocol = \"\"\n\n nic_list = []\n nics = {}\n nics['subnet_reference'] = {'uuid': project_subnet[\"uuid\"]}\n subnet_references.append({'uuid': project_subnet[\"uuid\"]})\n nic_list.append(nics)\n\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 2,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n creds_uuid = \"\"\n substrate_uuid = \"\"\n if data.ok:\n creds_uuid = data.json()['uuid_list'][0]\n substrate_uuid = data.json()['uuid_list'][1]\n\n _creds_type = \"@@{credential_type}@@\"\n credential_definition_list = [\n \t\t{\n \t\t\"name\": \"@@{tenant_name}@@_cred\",\n \t\t\"type\": _creds_type,\n \t\t\"username\": \"@@{credential_username}@@\".strip(),\n \t\t\"secret\": {\n \t\t\"attrs\": {\n \t\t\"is_secret_modified\": True,\n \t\"secret_reference\" : {}\n \t\t},\n \t\t\"value\": \"\"\"@@{password_or_key}@@\"\"\"\n \t\t},\n \t\t\"uuid\": creds_uuid\n \t\t}]\n\n if _creds_type == \"KEY\":\n _pass = {\"passphrase\": {\n \"attrs\": {\n \"is_secret_modified\": True,\n },\n \"value\": \"@@{prism_central_passwd}@@\".strip()\n }\n }\n credential_definition_list[0].update(_pass)\n\n gpu_list = []\n disk_list = []\n boot_type = \"LEGACY\"\n boot_adapter = \"SCSI\"\n image_uuid = \"\"\n boot_index = 0\n boot_adapter = \"SCSI\"\n url = _build_url(scheme=\"https\",host=\"@@{PC_IP}@@\".strip(), resource_type=\"\/images\/list\")\n data = requests.post(url, json={\"kind\":\"image\", \"filter\":\"name==%s\"%\"@@{image_name}@@\".strip()},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n if data.json()[\"metadata\"][\"total_matches\"] == 1:\n image_uuid = data.json()['entities'][0]['metadata']['uuid']\n else:\n print(\"There are '%s' total images with name - @@{image_name}@@\"%(\\\n data.json()[\"metadata\"][\"total_matches\"]))\n exit(1)\n else:\n print(\"Error -- %s Image not present on %s\"%(\"@@{image_name}@@\", PC_IP))\n disk_list.append({\n \"data_source_reference\": {\n \"kind\": \"image\",\n \"name\": \"@@{image_name}@@\".strip(),\n \"uuid\": image_uuid\n },\n \"device_properties\": {\n \"device_type\": \"DISK\",\n \"disk_address\": {\n \"device_index\": 0,\n \"adapter_type\": \"SCSI\"\n }\n }\n })\n\n serial_port = []\n serial_port.append({\"index\": 0, \"is_connected\": True})\n\n return ({\n \t\t\"api_version\": \"3.0\",\n \t\t\"metadata\": {\n \t\t\"kind\": \"environment\",\n \t\t\"project_reference\": {\n \t\t\"kind\": \"project\",\n \t\t\"name\": project['name'],\n \t\t\"uuid\": project['uuid']\n \t\t}\n \t\t},\n \t\t\"spec\": {\n \t\t\"name\": project['name']+\"_Environment\",\n \t\t\"description\": tenantuuid+project['name'],\n \t\t\"resources\": {\n \t\t\"substrate_definition_list\": [\n \t\t{\n \t\t\"variable_list\": [],\n \t\t\"type\": \"AHV_VM\",\n \t\t\"os_type\": \"@@{environment_os}@@\",\n \t\t\"action_list\": [],\n \t\t\"create_spec\": {\n \t\t\"name\": project['name']+\"_VM_@@{calm_random}@@\",\n \"categories\": {},\n \"cluster_reference\": {\n \"kind\": \"cluster\",\n \"name\": \"@@{cluster_name}@@\".strip(),\n \"uuid\": \"@@{cluster_uuid}@@\".strip()\n },\n \t\t\"resources\": {\n \t\t\"disk_list\": disk_list,\n \"gpu_list\": gpu_list,\n \"serial_port_list\": serial_port,\n \t\t\"nic_list\": nic_list,\n #\"power_state\": \"ON\",\n \t\t\"boot_config\": {\n \t\t\"boot_device\": {\n \t\t\"disk_address\": {\n \t\t\"device_index\": boot_index,\n \t\t\"adapter_type\": boot_adapter\n \t\t}\n \t\t},\n \t\t\"boot_type\": boot_type\n \t\t},\n \t\t\"num_sockets\": 2,\n \t\t\"num_vcpus_per_socket\": 1,\n \t\t\"memory_size_mib\": env_memory,\n \t\t\"account_uuid\": account\n\n \t\t},\n \t\t\"categories\": {\"TenantName\":\"@@{tenant_name}@@\".strip()}\n \t\t},\n \t\t\"readiness_probe\": {\n \t\t\"disable_readiness_probe\": True,\n \t\t\"connection_type\": connection_type,\n \t\t\"connection_port\": connection_port,\n \"connection_protocol\": connection_protocol,\n \"delay_secs\": \"5\",\n \t\t\"login_credential_local_reference\": {\n \t\t\"kind\": \"app_credential\",\n \t\t\"uuid\": creds_uuid\n \t\t},\n \"address\": \"\"\n \t\t},\n \t\t\"name\": \"@@{tenant_name}@@\".strip(),\n \"uuid\": substrate_uuid\n \t\t}\n \t\t],\n \t\t\"credential_definition_list\": credential_definition_list,\n \t\t\"infra_inclusion_list\": [\n \t\t{\n \t\t\"account_reference\": {\n \t\t\"uuid\": project_account['uuid'],\n \t\t\"kind\": \"account\"\n \t\t},\n \t\t\"type\": \"nutanix_pc\",\n \t\t\"subnet_references\": subnet_references,\n \t\t\"default_subnet_reference\": subnet_references[0],\n \"vpc_references\": [{\"uuid\":vpc_details[\"uuid\"]}],\n \"cluster_references\": [{\"uuid\":\"@@{cluster_uuid}@@\"}]\n \t\t}\n \t\t]\n \t\t}\n \t\t}})\n\ndef create_env():\n payload = _get_spec()\n guest_customization = {}\n if \"\"\"@@{guest_customization_script}@@\"\"\".lower() not in [\"\".strip(), \"none\", \"na\"]:\n if \"@@{environment_os}@@\" == \"Windows\":\n guest_customization = {\"sysprep\":{\"install_type\": 'FRESH',\n \"unattend_xml\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n else:\n guest_customization = {\"cloud_init\":{\"user_data\": \"\"\"@@{guest_customization_script}@@\"\"\"}}\n payload['spec']['resources']['substrate_definition_list'][0]['create_spec']\\\n ['resources']['guest_customization'] = guest_customization\n\n url = _build_url(scheme=\"https\",host=\"localhost\", resource_type=\"\/environments\")\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(management_username,management_password),\n timeout=None, verify=False)\n if not data.ok:\n print(\"Error while creating environment ---> \",data.json().get('message_list',\n data.json().get('error_detail', data.json())))\n exit(1)\n return {\"uuid\": data.json()['metadata']['uuid'],\n \t\t\t\"name\":payload['spec']['name'],\n \"default\": True}\nenvironment = {}\nif \"@@{create_environment}@@\".lower() == \"yes\":\n environment = create_env()\nprint(\"environment_details={}\".format(environment))\n","eval_variables":["environment_details"],"eval_scope":"local","type":"","script_type":"static"},"timeout_secs":"0","type":"SET_VARIABLE","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Update Project","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n \ndef _get_spec(project):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project))\n data = requests.get(url,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n return data.json()\n \ndef update_project(**params):\n project = @@{project_details}@@\n project_items = @@{project_items}@@\n payload = _get_spec(project['uuid'])\n for x in ['categories', 'categories_mapping', 'creation_time', 'last_update_time', 'owner_reference']:\n del payload['metadata'][x]\n del payload['status']\n payload['spec']['access_control_policy_list'][0]['operation'] = \"UPDATE\"\n #payload['spec']['access_control_policy_list'][0]['acp']\\\n # ['resources']['filter_list']['context_list'][0]\\\n # ['scope_filter_expression_list'][0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][1]['entity_filter_expression_list']\\\n # [4]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n \n #payload['spec']['access_control_policy_list'][0]['acp']['resources']\\\n # ['filter_list']['context_list'][2]['scope_filter_expression_list']\\\n # [0]['right_hand_side']['uuid_list'] = [project['uuid']]\n \n environment_details = @@{environment_details}@@\n payload['spec']['project_detail']['resources']['environment_reference_list'] = []\n if \"@@{create_environment}@@\".lower() == \"yes\":\n payload['spec']['project_detail']['resources']\\\n ['environment_reference_list'].append({\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']})\n payload['spec']['project_detail']['resources']\\\n [\"default_environment_reference\"] = {\"kind\":\"environment\",\n \"uuid\":environment_details['uuid']}\n \n url = _build_url(scheme=\"https\",\n resource_type=\"\/projects_internal\/{}\".format(project['uuid']))\n data = requests.put(url, json=payload,\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False)\n if data.ok:\n task = wait_for_completion(data) \n print(\"Project %s updated successfully\"%project['name'])\n else:\n print(\"Error while updating project : %s\"%data.json())\n exit(1)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Error in project update ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Error in project update ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n\nparams = @@{project_items}@@\nupdate_project(**params)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"retries":"0","description":"","inherit_target":false,"child_tasks_local_reference_list":[],"name":"Create Protection Policy","attrs":{"script":"# script\nimport requests\nfrom requests.auth import HTTPBasicAuth\n\nPC_IP = \"localhost\"\npc_username = \"@@{management_pc_username}@@\".strip()\npc_password = \"@@{management_pc_password}@@\".strip()\n\ndef _build_url(scheme, resource_type, host=PC_IP, **params):\n _base_url = \"\/api\/nutanix\/v3\"\n url = \"{proto}:\/\/{host}\".format(proto=scheme, host=host)\n port = params.get('nutanix_port', '9440')\n if port:\n url = url + \":{0}\".format(port) + _base_url\n if resource_type.startswith(\"\/\"):\n url += resource_type\n else:\n url += \"\/{0}\".format(resource_type)\n return url\n\ndef get_policy_spec(**params):\n url = _build_url(scheme=\"https\",\n resource_type=\"\/idempotence_identifiers\")\n data = requests.post(url, json={\"count\": 1,\"valid_duration_in_minutes\": 527040},\n auth=HTTPBasicAuth(pc_username, pc_password),\n timeout=None, verify=False) \n _uuid = \"\"\n if data.ok:\n _uuid = data.json()['uuid_list'][0]\n else:\n print(\"Error :- Failed to generate UUID for app_protection_rule\")\n exit(1)\n return (\n {\n \"api_version\": \"3.0\",\n \"metadata\": {\n \"kind\": \"app_protection_policy\",\n \"project_reference\": {\n \"kind\": \"project\",\n \"uuid\": params['project_uuid']\n }\n },\n \"spec\": {\n \"name\": \"Snapshot_Policy_@@{tenant_name}@@\",\n \"description\": \"\",\n \"resources\": {\n \"is_default\": True,\n \"ordered_availability_site_list\": [\n {\n \"environment_reference\": {\n \"kind\": \"environment\",\n \"uuid\": params['environment']\n },\n \"infra_inclusion_list\": {\n \"type\": \"nutanix_pc\",\n \"account_reference\": {\n \"kind\": \"account\",\n \"uuid\": params['account_uuid']\n },\n \"cluster_references\": [\n {\n \"kind\": \"cluster\",\n \"uuid\": params['cluster_uuid']\n }\n ]\n }\n }\n ],\n \"app_protection_rule_list\": [\n {\n \"name\": \"Protection_rule_@@{tenant_name}@@\",\n \"enabled\": True,\n \"local_snapshot_retention_policy\": {\n \"snapshot_expiry_policy\": {\n \"multiple\": 0\n }\n },\n \"first_availability_site_index\": 0,\n \"second_availability_site_index\": 0,\n \"uuid\": _uuid\n }\n ]\n }\n }\n })\n\ndef protection_policy(**params):\n payload = get_policy_spec(**params)\n url = \"https:\/\/%s:9440\/api\/calm\/v3.0\/app_protection_policies\"%PC_IP\n data = requests.post(url, json=payload,\n auth=HTTPBasicAuth(pc_username,pc_password),\n timeout=None, verify=False)\n #print(\"protection_policy_uuid={}\".format(data.json()[\"metadata\"][\"uuid\"]))\n #print(\"protection_rule_uuid={}\".format(data.json()[\"spec\"]\\\n # [\"resources\"][\"app_protection_rule_list\"][0][\"uuid\"]))\n wait_for_completion(data)\n \ndef wait_for_completion(data):\n if data.ok:\n state = data.json()['status'].get('state')\n while state == \"PENDING\":\n _uuid = data.json()['status']['execution_context']['task_uuid']\n url = _build_url(scheme=\"https\",\n resource_type=\"\/tasks\/%s\"%_uuid)\n responce = requests.get(url, auth=HTTPBasicAuth(\n pc_username, pc_password),\n verify=False)\n if responce.json()['status'] in ['PENDING', 'RUNNING', 'QUEUED']:\n state = 'PENDING'\n sleep(5) \n elif responce.json()['status'] == 'FAILED':\n print(\"Failed to create Snapshot Policy ---> \",responce.json().get('message_list', \n responce.json().get('error_detail', responce.json())))\n state = 'FAILED'\n exit(1)\n else:\n state = \"COMPLETE\"\n else:\n state = data.json().get('state')\n print(\"Failed to create Snapshot Policy ---> \",data.json().get('message_list', \n data.json().get('error_detail', data.json())))\n exit(1)\n \nparams = {}\nproject = @@{project_details}@@\nenvironment = @@{environment_details}@@\naccount = @@{account_details}@@\n\nparams['project_uuid'] = project['uuid']\nparams['environment'] = environment.get('uuid',None)\nparams['account_uuid'] = account['uuid']\nparams['cluster_uuid'] = \"@@{cluster_uuid}@@\"\n\nif environment:\n protection_policy(**params)\n print(\"Snapshot Policy Created Successfully.\")\nelse:\n print(\"Add environments to start creating snapshot policies.\")","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"a4e81cce_runbook","main_task_local_reference":{"kind":"app_task","name":"8ee0af0e_dag"},"variable_list":[{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"management_pc_username","value":"6ET8pClJeQh0gIGl5wP+YSGPByh\/NFAPOL7NAYpWHFHjeC7FRQ==:utf-8","label":"Management PC Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"management_pc_password","value":"fzoF+DqbjxO9qiJ9X+DWkubYLpzHpt1J4xeJQGSWjYSAkc0eD6yCLsvldg==:utf-8","label":"Management PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":""},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"tenant_name","value":"at1","label":"Tenant Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Click \"yes\" to cleanup any previous failed setup.","data_type":"BASE","type":"LOCAL","name":"delete_existing","value":"Yes","label":"Delete Existing setup","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.44.46.56","data_type":"BASE","type":"LOCAL","name":"PC_IP","value":"10.44.76.167","label":"Workload PC IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^.*$"},"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_username","value":"RkVZ68astd4pV+ljZqVfpt0KuKV\/enZ3Kw2uPNGpCvQZGCrg4g==:utf-8","label":"Workload PC Username","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"SECRET","name":"prism_central_passwd","value":"0H7joGr7+8jQM0fbC8mNJOPs8MQ\/eiGhkgfGwv5Veap6d1yNBOGBzhI4iA==:utf-8","label":"Workload PC Password","attrs":{"is_secret_modified":false,"secret_reference":{},"type":"SECRET"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":false,"description":"If IDP present on PC, Please provide same IDP Name.","data_type":"BASE","type":"LOCAL","name":"idp_name","value":"Calm_IDP","label":"IDP Name","attrs":{"type":""},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":true,"description":"IDP Metadata XML Script","data_type":"BASE","type":"LOCAL","name":"idp_metadata","value":"<\/ds:Transforms>nMlSq1WMAjN5K5WXDsKhA0huZqilVn7SyY1V\/HyX4Rw=<\/ds:DigestValue><\/ds:Reference><\/ds:SignedInfo>ru1yfFhraJa\/sb4EoXqrrR7+\/e5DVTR\/riGdsJztHbR0E5uPrrn1wfCwdeLYAPj4dDGOT2S7lo49wMfVEVmheyfpdmaZVOvcUpRoZCbavlsWB+sUx6Vczgi70kceBVk0lb\/DPO\/VGq8FqBf9h2iOqnezwbt4RNSG+k6XXkIYLGUVP5BmU\/B8JvzTo9\/+MCUWV4mh1YAYum1XY8s5DfyG9io\/66t6cSG58BTNZ1mMxCfrxJ01zcci6ZxJFTCNATnsRmhNLTDv4PsjlWGcSECC010G8w8ryWos0v04a2h8Qq4cYaba8iB+ZYh9P69ooEusNjW+dPeEQznsDrq4CI6QRw==<\/ds:SignatureValue>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/ds:Signature>MIIC\/DCCAeSgAwIBAgIQXrVlrYCLCrNFzUpPABkaCzANBgkqhkiG9w0BAQsFADA6MTgwNgYDVQQDEy9BREZTIEVuY3J5cHRpb24gLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDRaFw0yMjExMTcxMjQwMDRaMDoxODA2BgNVBAMTL0FERlMgRW5jcnlwdGlvbiAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t7bbyGdj3LP+zUeezpZWrVBXhuGak4jg5qMxxAcsQBnEnXFHVbbc7NDHrxJD\/\/GCW8xKYnyf68gryhJ58sOm1uIkN+fQovlDPVx3gNg0p3KYUZJz\/uD2CT0lpLoGXr4a49iOTZJDbIpqIJlSsQdW4VtrA8wXUF9KmD7hYZHnmvHYXVu6Qbu0IA90T7t2AvGFLgqt5lR3xRfpqUUjfGCwPTgeq5E9Bxa+J8R+QFbdw84829ly+ij+qLwJSBn19lnbTwpBeKdJzT8H844+EF24Oj0KzYyJ+LA+F6nQXtNZ9pmA98ndqUapd9rmFr1ltOA1PUthCQ\/H02NrwFAiPmitwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA0CniMj1WENmWoENigOxlujrj9QBuhggR1UtJp8BXl5wKcMEqfMDjppqpRiQBW6AJXI1EwUVKgNSeosgyCbGtEDYlu7pGv+5NRkp+z+5Nb\/VmpATgKPaVX9aQsmegWl5tfRVaRU5s\/qks5lmXrBdl7OTtYtf6J49561wkyyq3ZKT0rLQbR7YpkDMfcBG6LbcseLh10+FPJNUeJlFTIWEW8y0JxeOPInp6Vr5a+hQW+nCmsR27wNB1TKDP0CPat+TyajRyIIYlvWlnBRgAEEZJDMaoXsUhvvoiQ4XkFtFS5W3KeYdxViVsMPuicPvEEhh2mj2ELyRZnzefPoEC\/DuzI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>E-Mail Address<\/auth:DisplayName>The e-mail address of the user<\/auth:Description><\/auth:ClaimType>Given Name<\/auth:DisplayName>The given name of the user<\/auth:Description><\/auth:ClaimType>Name<\/auth:DisplayName>The unique name of the user<\/auth:Description><\/auth:ClaimType>UPN<\/auth:DisplayName>The user principal name (UPN) of the user<\/auth:Description><\/auth:ClaimType>Common Name<\/auth:DisplayName>The common name of the user<\/auth:Description><\/auth:ClaimType>AD FS 1.x E-Mail Address<\/auth:DisplayName>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Group<\/auth:DisplayName>A group that the user is a member of<\/auth:Description><\/auth:ClaimType>AD FS 1.x UPN<\/auth:DisplayName>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Role<\/auth:DisplayName>A role that the user has<\/auth:Description><\/auth:ClaimType>Surname<\/auth:DisplayName>The surname of the user<\/auth:Description><\/auth:ClaimType>PPID<\/auth:DisplayName>The private identifier of the user<\/auth:Description><\/auth:ClaimType>Name ID<\/auth:DisplayName>The SAML name identifier of the user<\/auth:Description><\/auth:ClaimType>Authentication time stamp<\/auth:DisplayName>Used to display the time and date that the user was authenticated<\/auth:Description><\/auth:ClaimType>Authentication method<\/auth:DisplayName>The method used to authenticate the user<\/auth:Description><\/auth:ClaimType>Deny only group SID<\/auth:DisplayName>The deny-only group SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary SID<\/auth:DisplayName>The deny-only primary SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary group SID<\/auth:DisplayName>The deny-only primary group SID of the user<\/auth:Description><\/auth:ClaimType>Group SID<\/auth:DisplayName>The group SID of the user<\/auth:Description><\/auth:ClaimType>Primary group SID<\/auth:DisplayName>The primary group SID of the user<\/auth:Description><\/auth:ClaimType>Primary SID<\/auth:DisplayName>The primary SID of the user<\/auth:Description><\/auth:ClaimType>Windows account name<\/auth:DisplayName>The domain account name of the user in the form of domain\\user<\/auth:Description><\/auth:ClaimType>Is Registered User<\/auth:DisplayName>User is registered to use this device<\/auth:Description><\/auth:ClaimType>Device Identifier<\/auth:DisplayName>Identifier of the device<\/auth:Description><\/auth:ClaimType>Device Registration Identifier<\/auth:DisplayName>Identifier for Device Registration<\/auth:Description><\/auth:ClaimType>Device Registration DisplayName<\/auth:DisplayName>Display name of Device Registration<\/auth:Description><\/auth:ClaimType>Device OS type<\/auth:DisplayName>OS type of the device<\/auth:Description><\/auth:ClaimType>Device OS Version<\/auth:DisplayName>OS version of the device<\/auth:Description><\/auth:ClaimType>Is Managed Device<\/auth:DisplayName>Device is managed by a management service<\/auth:Description><\/auth:ClaimType>Forwarded Client IP<\/auth:DisplayName>IP address of the user<\/auth:Description><\/auth:ClaimType>Client Application<\/auth:DisplayName>Type of the Client Application<\/auth:Description><\/auth:ClaimType>Client User Agent<\/auth:DisplayName>Device type the client is using to access the application<\/auth:Description><\/auth:ClaimType>Client IP<\/auth:DisplayName>IP address of the client<\/auth:Description><\/auth:ClaimType>Endpoint Path<\/auth:DisplayName>Absolute Endpoint path which can be used to determine active versus passive clients<\/auth:Description><\/auth:ClaimType>Proxy<\/auth:DisplayName>DNS name of the federation server proxy that passed the request<\/auth:Description><\/auth:ClaimType>Application Identifier<\/auth:DisplayName>Identifier for the Relying Party<\/auth:Description><\/auth:ClaimType>Application policies<\/auth:DisplayName>Application policies of the certificate<\/auth:Description><\/auth:ClaimType>Authority Key Identifier<\/auth:DisplayName>The Authority Key Identifier extension of the certificate that signed an issued certificate<\/auth:Description><\/auth:ClaimType>Basic Constraint<\/auth:DisplayName>One of the basic constraints of the certificate<\/auth:Description><\/auth:ClaimType>Enhanced Key Usage<\/auth:DisplayName>Describes one of the enhanced key usages of the certificate<\/auth:Description><\/auth:ClaimType>Issuer<\/auth:DisplayName>The name of the certificate authority that issued the X.509 certificate<\/auth:Description><\/auth:ClaimType>Issuer Name<\/auth:DisplayName>The distinguished name of the certificate issuer<\/auth:Description><\/auth:ClaimType>Key Usage<\/auth:DisplayName>One of the key usages of the certificate<\/auth:Description><\/auth:ClaimType>Not After<\/auth:DisplayName>Date in local time after which a certificate is no longer valid<\/auth:Description><\/auth:ClaimType>Not Before<\/auth:DisplayName>The date in local time on which a certificate becomes valid<\/auth:Description><\/auth:ClaimType>Certificate Policies<\/auth:DisplayName>The policies under which the certificate has been issued<\/auth:Description><\/auth:ClaimType>Public Key<\/auth:DisplayName>Public Key of the certificate<\/auth:Description><\/auth:ClaimType>Certificate Raw Data<\/auth:DisplayName>The raw data of the certificate<\/auth:Description><\/auth:ClaimType>Subject Alternative Name<\/auth:DisplayName>One of the alternative names of the certificate<\/auth:Description><\/auth:ClaimType>Serial Number<\/auth:DisplayName>The serial number of a certificate<\/auth:Description><\/auth:ClaimType>Signature Algorithm<\/auth:DisplayName>The algorithm used to create the signature of a certificate<\/auth:Description><\/auth:ClaimType>Subject<\/auth:DisplayName>The subject from the certificate<\/auth:Description><\/auth:ClaimType>Subject Key Identifier<\/auth:DisplayName>Describes the subject key identifier of the certificate<\/auth:Description><\/auth:ClaimType>Subject Name<\/auth:DisplayName>The subject distinguished name from a certificate<\/auth:Description><\/auth:ClaimType>V2 Template Name<\/auth:DisplayName>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>V1 Template Name<\/auth:DisplayName>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>Thumbprint<\/auth:DisplayName>Thumbprint of the certificate<\/auth:Description><\/auth:ClaimType>X.509 Version<\/auth:DisplayName>The X.509 format version of a certificate<\/auth:Description><\/auth:ClaimType>Inside Corporate Network<\/auth:DisplayName>Used to indicate if a request originated inside corporate network<\/auth:Description><\/auth:ClaimType>Password Expiration Time<\/auth:DisplayName>Used to display the time when the password expires<\/auth:Description><\/auth:ClaimType>Password Expiration Days<\/auth:DisplayName>Used to display the number of days to password expiry<\/auth:Description><\/auth:ClaimType>Update Password URL<\/auth:DisplayName>Used to display the web address of update password service<\/auth:Description><\/auth:ClaimType>Authentication Methods References<\/auth:DisplayName>Used to indicate all authentication methods used to authenticate the user<\/auth:Description><\/auth:ClaimType>Client Request ID<\/auth:DisplayName>Identifier for a user session<\/auth:Description><\/auth:ClaimType><\/fed:ClaimTypesRequested>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/issuedtokenmixedasymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/issuedtokenmixedsymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/13\/issuedtokenmixedasymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/13\/issuedtokenmixedsymmetricbasic256<\/Address><\/EndpointReference>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/ls\/<\/Address><\/EndpointReference>
http:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust<\/Address><\/EndpointReference><\/fed:TargetScopes>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/issuedtokenmixedasymmetricbasic256<\/Address><\/EndpointReference><\/fed:ApplicationServiceEndpoint>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/ls\/<\/Address><\/EndpointReference><\/fed:PassiveRequestorEndpoint><\/RoleDescriptor>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor><\/fed:TokenTypesOffered>E-Mail Address<\/auth:DisplayName>The e-mail address of the user<\/auth:Description><\/auth:ClaimType>Given Name<\/auth:DisplayName>The given name of the user<\/auth:Description><\/auth:ClaimType>Name<\/auth:DisplayName>The unique name of the user<\/auth:Description><\/auth:ClaimType>UPN<\/auth:DisplayName>The user principal name (UPN) of the user<\/auth:Description><\/auth:ClaimType>Common Name<\/auth:DisplayName>The common name of the user<\/auth:Description><\/auth:ClaimType>AD FS 1.x E-Mail Address<\/auth:DisplayName>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Group<\/auth:DisplayName>A group that the user is a member of<\/auth:Description><\/auth:ClaimType>AD FS 1.x UPN<\/auth:DisplayName>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0<\/auth:Description><\/auth:ClaimType>Role<\/auth:DisplayName>A role that the user has<\/auth:Description><\/auth:ClaimType>Surname<\/auth:DisplayName>The surname of the user<\/auth:Description><\/auth:ClaimType>PPID<\/auth:DisplayName>The private identifier of the user<\/auth:Description><\/auth:ClaimType>Name ID<\/auth:DisplayName>The SAML name identifier of the user<\/auth:Description><\/auth:ClaimType>Authentication time stamp<\/auth:DisplayName>Used to display the time and date that the user was authenticated<\/auth:Description><\/auth:ClaimType>Authentication method<\/auth:DisplayName>The method used to authenticate the user<\/auth:Description><\/auth:ClaimType>Deny only group SID<\/auth:DisplayName>The deny-only group SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary SID<\/auth:DisplayName>The deny-only primary SID of the user<\/auth:Description><\/auth:ClaimType>Deny only primary group SID<\/auth:DisplayName>The deny-only primary group SID of the user<\/auth:Description><\/auth:ClaimType>Group SID<\/auth:DisplayName>The group SID of the user<\/auth:Description><\/auth:ClaimType>Primary group SID<\/auth:DisplayName>The primary group SID of the user<\/auth:Description><\/auth:ClaimType>Primary SID<\/auth:DisplayName>The primary SID of the user<\/auth:Description><\/auth:ClaimType>Windows account name<\/auth:DisplayName>The domain account name of the user in the form of domain\\user<\/auth:Description><\/auth:ClaimType>Is Registered User<\/auth:DisplayName>User is registered to use this device<\/auth:Description><\/auth:ClaimType>Device Identifier<\/auth:DisplayName>Identifier of the device<\/auth:Description><\/auth:ClaimType>Device Registration Identifier<\/auth:DisplayName>Identifier for Device Registration<\/auth:Description><\/auth:ClaimType>Device Registration DisplayName<\/auth:DisplayName>Display name of Device Registration<\/auth:Description><\/auth:ClaimType>Device OS type<\/auth:DisplayName>OS type of the device<\/auth:Description><\/auth:ClaimType>Device OS Version<\/auth:DisplayName>OS version of the device<\/auth:Description><\/auth:ClaimType>Is Managed Device<\/auth:DisplayName>Device is managed by a management service<\/auth:Description><\/auth:ClaimType>Forwarded Client IP<\/auth:DisplayName>IP address of the user<\/auth:Description><\/auth:ClaimType>Client Application<\/auth:DisplayName>Type of the Client Application<\/auth:Description><\/auth:ClaimType>Client User Agent<\/auth:DisplayName>Device type the client is using to access the application<\/auth:Description><\/auth:ClaimType>Client IP<\/auth:DisplayName>IP address of the client<\/auth:Description><\/auth:ClaimType>Endpoint Path<\/auth:DisplayName>Absolute Endpoint path which can be used to determine active versus passive clients<\/auth:Description><\/auth:ClaimType>Proxy<\/auth:DisplayName>DNS name of the federation server proxy that passed the request<\/auth:Description><\/auth:ClaimType>Application Identifier<\/auth:DisplayName>Identifier for the Relying Party<\/auth:Description><\/auth:ClaimType>Application policies<\/auth:DisplayName>Application policies of the certificate<\/auth:Description><\/auth:ClaimType>Authority Key Identifier<\/auth:DisplayName>The Authority Key Identifier extension of the certificate that signed an issued certificate<\/auth:Description><\/auth:ClaimType>Basic Constraint<\/auth:DisplayName>One of the basic constraints of the certificate<\/auth:Description><\/auth:ClaimType>Enhanced Key Usage<\/auth:DisplayName>Describes one of the enhanced key usages of the certificate<\/auth:Description><\/auth:ClaimType>Issuer<\/auth:DisplayName>The name of the certificate authority that issued the X.509 certificate<\/auth:Description><\/auth:ClaimType>Issuer Name<\/auth:DisplayName>The distinguished name of the certificate issuer<\/auth:Description><\/auth:ClaimType>Key Usage<\/auth:DisplayName>One of the key usages of the certificate<\/auth:Description><\/auth:ClaimType>Not After<\/auth:DisplayName>Date in local time after which a certificate is no longer valid<\/auth:Description><\/auth:ClaimType>Not Before<\/auth:DisplayName>The date in local time on which a certificate becomes valid<\/auth:Description><\/auth:ClaimType>Certificate Policies<\/auth:DisplayName>The policies under which the certificate has been issued<\/auth:Description><\/auth:ClaimType>Public Key<\/auth:DisplayName>Public Key of the certificate<\/auth:Description><\/auth:ClaimType>Certificate Raw Data<\/auth:DisplayName>The raw data of the certificate<\/auth:Description><\/auth:ClaimType>Subject Alternative Name<\/auth:DisplayName>One of the alternative names of the certificate<\/auth:Description><\/auth:ClaimType>Serial Number<\/auth:DisplayName>The serial number of a certificate<\/auth:Description><\/auth:ClaimType>Signature Algorithm<\/auth:DisplayName>The algorithm used to create the signature of a certificate<\/auth:Description><\/auth:ClaimType>Subject<\/auth:DisplayName>The subject from the certificate<\/auth:Description><\/auth:ClaimType>Subject Key Identifier<\/auth:DisplayName>Describes the subject key identifier of the certificate<\/auth:Description><\/auth:ClaimType>Subject Name<\/auth:DisplayName>The subject distinguished name from a certificate<\/auth:Description><\/auth:ClaimType>V2 Template Name<\/auth:DisplayName>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>V1 Template Name<\/auth:DisplayName>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.<\/auth:Description><\/auth:ClaimType>Thumbprint<\/auth:DisplayName>Thumbprint of the certificate<\/auth:Description><\/auth:ClaimType>X.509 Version<\/auth:DisplayName>The X.509 format version of a certificate<\/auth:Description><\/auth:ClaimType>Inside Corporate Network<\/auth:DisplayName>Used to indicate if a request originated inside corporate network<\/auth:Description><\/auth:ClaimType>Password Expiration Time<\/auth:DisplayName>Used to display the time when the password expires<\/auth:Description><\/auth:ClaimType>Password Expiration Days<\/auth:DisplayName>Used to display the number of days to password expiry<\/auth:Description><\/auth:ClaimType>Update Password URL<\/auth:DisplayName>Used to display the web address of update password service<\/auth:Description><\/auth:ClaimType>Authentication Methods References<\/auth:DisplayName>Used to indicate all authentication methods used to authenticate the user<\/auth:Description><\/auth:ClaimType>Client Request ID<\/auth:DisplayName>Identifier for a user session<\/auth:Description><\/auth:ClaimType><\/fed:ClaimTypesOffered>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/2005\/certificatemixed<\/Address>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/services\/trust\/mex<\/Address><\/wsx:MetadataReference><\/wsx:MetadataSection><\/Metadata><\/Metadata><\/EndpointReference><\/fed:SecurityTokenServiceEndpoint>
https:\/\/phxdevadfs01.calmsaastest.com\/adfs\/ls\/<\/Address><\/EndpointReference><\/fed:PassiveRequestorEndpoint><\/RoleDescriptor>MIIC\/DCCAeSgAwIBAgIQXrVlrYCLCrNFzUpPABkaCzANBgkqhkiG9w0BAQsFADA6MTgwNgYDVQQDEy9BREZTIEVuY3J5cHRpb24gLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDRaFw0yMjExMTcxMjQwMDRaMDoxODA2BgNVBAMTL0FERlMgRW5jcnlwdGlvbiAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t7bbyGdj3LP+zUeezpZWrVBXhuGak4jg5qMxxAcsQBnEnXFHVbbc7NDHrxJD\/\/GCW8xKYnyf68gryhJ58sOm1uIkN+fQovlDPVx3gNg0p3KYUZJz\/uD2CT0lpLoGXr4a49iOTZJDbIpqIJlSsQdW4VtrA8wXUF9KmD7hYZHnmvHYXVu6Qbu0IA90T7t2AvGFLgqt5lR3xRfpqUUjfGCwPTgeq5E9Bxa+J8R+QFbdw84829ly+ij+qLwJSBn19lnbTwpBeKdJzT8H844+EF24Oj0KzYyJ+LA+F6nQXtNZ9pmA98ndqUapd9rmFr1ltOA1PUthCQ\/H02NrwFAiPmitwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA0CniMj1WENmWoENigOxlujrj9QBuhggR1UtJp8BXl5wKcMEqfMDjppqpRiQBW6AJXI1EwUVKgNSeosgyCbGtEDYlu7pGv+5NRkp+z+5Nb\/VmpATgKPaVX9aQsmegWl5tfRVaRU5s\/qks5lmXrBdl7OTtYtf6J49561wkyyq3ZKT0rLQbR7YpkDMfcBG6LbcseLh10+FPJNUeJlFTIWEW8y0JxeOPInp6Vr5a+hQW+nCmsR27wNB1TKDP0CPat+TyajRyIIYlvWlnBRgAEEZJDMaoXsUhvvoiQ4XkFtFS5W3KeYdxViVsMPuicPvEEhh2mj2ELyRZnzefPoEC\/DuzI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient<\/NameIDFormat><\/SPSSODescriptor>MIIC\/DCCAeSgAwIBAgIQXrVlrYCLCrNFzUpPABkaCzANBgkqhkiG9w0BAQsFADA6MTgwNgYDVQQDEy9BREZTIEVuY3J5cHRpb24gLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDRaFw0yMjExMTcxMjQwMDRaMDoxODA2BgNVBAMTL0FERlMgRW5jcnlwdGlvbiAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t7bbyGdj3LP+zUeezpZWrVBXhuGak4jg5qMxxAcsQBnEnXFHVbbc7NDHrxJD\/\/GCW8xKYnyf68gryhJ58sOm1uIkN+fQovlDPVx3gNg0p3KYUZJz\/uD2CT0lpLoGXr4a49iOTZJDbIpqIJlSsQdW4VtrA8wXUF9KmD7hYZHnmvHYXVu6Qbu0IA90T7t2AvGFLgqt5lR3xRfpqUUjfGCwPTgeq5E9Bxa+J8R+QFbdw84829ly+ij+qLwJSBn19lnbTwpBeKdJzT8H844+EF24Oj0KzYyJ+LA+F6nQXtNZ9pmA98ndqUapd9rmFr1ltOA1PUthCQ\/H02NrwFAiPmitwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA0CniMj1WENmWoENigOxlujrj9QBuhggR1UtJp8BXl5wKcMEqfMDjppqpRiQBW6AJXI1EwUVKgNSeosgyCbGtEDYlu7pGv+5NRkp+z+5Nb\/VmpATgKPaVX9aQsmegWl5tfRVaRU5s\/qks5lmXrBdl7OTtYtf6J49561wkyyq3ZKT0rLQbR7YpkDMfcBG6LbcseLh10+FPJNUeJlFTIWEW8y0JxeOPInp6Vr5a+hQW+nCmsR27wNB1TKDP0CPat+TyajRyIIYlvWlnBRgAEEZJDMaoXsUhvvoiQ4XkFtFS5W3KeYdxViVsMPuicPvEEhh2mj2ELyRZnzefPoEC\/DuzI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>MIIC9jCCAd6gAwIBAgIQUpnb\/DY\/iLVHyOoCXhftVzANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDEyxBREZTIFNpZ25pbmcgLSBwaHhkZXZhZGZzMDEuY2FsbXNhYXN0ZXN0LmNvbTAeFw0yMTExMTcxMjQwMDdaFw0yMjExMTcxMjQwMDdaMDcxNTAzBgNVBAMTLEFERlMgU2lnbmluZyAtIHBoeGRldmFkZnMwMS5jYWxtc2Fhc3Rlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR3yptRX8Huqhh2IkThm9BWiNKl8VQ2ca++zcF+Rrq79LfJEPNXHnYadCBp+kbWf43Sd+mPzujVdqq6MS2+zFsplxIm8h6lfZSAAxfqkHx7m2bD2TPdfBrO\/zdQ+9U3MVqcoZOu6ppIuGm8i9gpjOdArYYy\/k5HFkWvmm2zNSWPf0Vsg4iiU7lVpte\/5J7uVcoFazJFdKZNd7fjDw5favLzft+4EP\/nAf7vCHfAi8izfZcWn2+mcxddRb0WGSFAKNuCs6zUXHwcMJt6tfG7FFwaLL4k3tzTv2Z6TEmHpPwpONcEPs2Fxw5jO4kFPAdN2dXJDRWPQmEqwF5duODiPbwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBVleq4dFYrf1QdGfCBQqn6pt4nfhNLhqz1zwGl\/IJ84msx7gMLgN7c0XzzwA5NcJw5T\/r\/G9Sx+Wr9\/y6uSnPv5XQUwgFdpPqPsfi\/+u67Xr\/aKtNtw+MSdeZDTL+2EEj7RtBjmuq5a8VWuMHcyAHWp3QC3KJ4Uo3gFfeC6A3gAFUpx0zqr1sQQNhtcD0Wmytw+8mPRx2pPK3BrTP8Z7DOmylyESUdDErYifTp\/5xIC5ecgdIZesTG4rIT6nLlGyvcfaiA27SxXAwgXas0rnVo+BJpecKBwBJnHP9ifVmsxOu+hZNMN9h5CJHE0JpRBz0Lt+DoEjZaSKScjN7ubMpI<\/X509Certificate><\/X509Data><\/KeyInfo><\/KeyDescriptor>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent<\/NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient<\/NameIDFormat><\/IDPSSODescriptor><\/EntityDescriptor>","label":"IDP Metadata","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- pjadmin@corp.company.ca","data_type":"BASE","type":"LOCAL","name":"project_admin_user","value":"idpuser5@calmsaastest.com","label":"Project Admin","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"cluster_name","value":"auto_cluster_prod_f38da47d51f4","label":"Cluster Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"virtual_switch","value":"vs0","label":"Virtual Switch Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_vlan_id","value":"82","label":"External VLAN ID","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.0\/24","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip","value":"10.10.13.0\/24","label":"External Subnet IP with Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Enter Start IP followed by End IP. Example :- 10.20.30.2-10.20.30.10","data_type":"BASE","type":"LOCAL","name":"external_subnet_ip_pool","value":"10.10.13.2-10.10.13.10","label":"External Subnet IP Pool Range","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.20.30.1","data_type":"BASE","type":"LOCAL","name":"external_subnet_gateway_ip","value":"10.10.13.1","label":"External Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"external_subnet_nat","value":"True","label":"External Subnet NAT","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"Example :- 10.10.10.0\/24","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_ip","value":"10.10.10.0\/24","label":"Overlay Subnet IP With Prefix","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"overlay_subnet_gateway_ip","value":"10.10.10.1","label":"Overlay Subnet Gateway IP","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"account_name","value":"policy_account","label":"Account Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_vcpu","value":"6","label":"Quota : vCPUs ","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_memory","value":"12","label":"Quota : Memory in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^[\\d]*$"},"val_type":"INT","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"project_disk_size","value":"50","label":"Quota : Disk Size in GB","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"allow_collaboration","value":"True","label":"Allow Project Collaboration","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["True","False"]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"create_environment","value":"No","label":"Create Project Environment with Default Values","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Yes","No"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"environment_os","value":"Linux","label":"Environment operating system","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["Linux","Windows"]}},{"val_type":"STRING","is_mandatory":true,"description":"Required only if creating environment with default values.","data_type":"BASE","type":"LOCAL","name":"image_name","value":"Centos7HadoopMaster","label":"Image Name","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":false,"description":"Should be base64 encoded for Linux and XML for Windows.","data_type":"BASE","type":"LOCAL","name":"guest_customization_script","value":"I2Nsb3VkLWNvbmZpZwp1c2VyczoKICAtIG5hbWU6IG51dGFuaXgKICAgIHNzaC1hdXRob3JpemVkLWtleXM6CiAgICAgIC0gc3NoLXJzYSBLRVkKICAgIHN1ZG86IFsnQUxMPShBTEwpIE5PUEFTU1dEOkFMTCddCiAgICBncm91cHM6IHN1ZG8KICAgIHNoZWxsOiAvYmluL2Jhc2gKCnBhY2thZ2VzOgogIC0gaHR0cGQ=","label":"Guest Customization Script","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_username","value":"root","label":"Environment Credential Username","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}},{"val_type":"STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"credential_type","value":"KEY","label":"Credential Type","attrs":{"type":"LOCAL"},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":["PASSWORD","KEY"]}},{"regex":{"should_validate":false,"value":"^(.|\\n)*$"},"val_type":"MULTILINE_STRING","is_mandatory":true,"description":"","data_type":"BASE","type":"LOCAL","name":"password_or_key","value":"-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS\n1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQR9WZPeBSvixkhjQOh9yCXXlEx5CN9M\nyh94CJJ1rigf8693gc90HmahIR5oMGHwlqMoS7kKrRw+4KpxqsF7LGvxAAAAqJZtgRuWbY\nEbAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH1Zk94FK+LGSGNA\n6H3IJdeUTHkI30zKH3gIknWuKB\/zr3eBz3QeZqEhHmgwYfCWoyhLuQqtHD7gqnGqwXssa\/\nEAAAAgBzKpRmMyXZ4jnSt3ARz0ul6R79AXAr5gQqDAmoFeEKwAAAAOYWpAYm93aWUubG9j\nYWwBAg==\n-----END OPENSSH PRIVATE KEY-----","label":"Password Or Key","attrs":{"type":""},"editables":{"value":true},"is_hidden":false,"options":{"type":"PREDEFINED","choices":[]}}]}},"name":"Tenant Onboarding with IDP"},"api_version":"3.0","metadata":{"last_update_time":"1717585460703358","kind":"runbook","spec_version":1,"creation_time":"1717585425009616","name":"Tenant Onboarding with IDP"}} diff --git a/scripts/Tenant_onboarding_IDP/create_environment.py b/scripts/Tenant_onboarding_IDP/create_environment.py index 0f41fa1..97b9d79 100644 --- a/scripts/Tenant_onboarding_IDP/create_environment.py +++ b/scripts/Tenant_onboarding_IDP/create_environment.py @@ -20,9 +20,9 @@ def _build_url(scheme, resource_type, host=PC_IP, **params): else: url += "/{0}".format(resource_type) return url - + def get_cluster_account_uuid(): - cluster_name = "@@{cluster_name}@@".strip() + cluster_uuid = "@@{cluster_uuid}@@".strip() account_name = "@@{account_name}@@".strip() url = _build_url(scheme="https",host="localhost",resource_type="/accounts/list") data = requests.post(url, json={"kind":"account","length": 250}, @@ -31,19 +31,19 @@ def get_cluster_account_uuid(): if not data.ok: print("Error while fetching account details. -->", data.json()) exit(1) - + if account_name in str(data.json()): for new_data in data.json()['entities']: if new_data['metadata']['name'] == account_name: - for _cluster in new_data["status"]["resources"]["data"]["cluster_account_reference_list"]: - if _cluster["resources"]["data"]["cluster_name"] == cluster_name: - return _cluster["uuid"] + for _account in new_data["status"]["resources"]["data"]["cluster_account_reference_list"]: + if _account["resources"]["data"]["cluster_uuid"] == cluster_uuid: + return _account["uuid"] print("Error : %s account not present on %s"%(account_name,PC_IP)) exit(1) else: print("Error : %s account not present on %s"%(account_name,PC_IP)) exit(1) - + def _get_spec(): tenantuuid = "@@{tenant_uuid}@@" account = get_cluster_account_uuid() @@ -54,7 +54,7 @@ def _get_spec(): project_subnet = @@{overlay_subnet_details}@@ env_memory = (@@{project_memory}@@ / 2) * 1024 subnet_references = [] - + connection_type = "POWERSHELL" connection_port = 5985 connection_protocol = "http" @@ -62,13 +62,13 @@ def _get_spec(): connection_type = "SSH" connection_port = 22 connection_protocol = "" - + nic_list = [] nics = {} nics['subnet_reference'] = {'uuid': project_subnet["uuid"]} subnet_references.append({'uuid': project_subnet["uuid"]}) nic_list.append(nics) - + url = _build_url(scheme="https", resource_type="/idempotence_identifiers") data = requests.post(url, json={"count": 2,"valid_duration_in_minutes": 527040}, @@ -95,7 +95,7 @@ def _get_spec(): }, "uuid": creds_uuid }] - + if _creds_type == "KEY": _pass = {"passphrase": { "attrs": { @@ -143,7 +143,7 @@ def _get_spec(): serial_port = [] serial_port.append({"index": 0, "is_connected": True}) - + return ({ "api_version": "3.0", "metadata": { @@ -191,7 +191,7 @@ def _get_spec(): "num_vcpus_per_socket": 1, "memory_size_mib": env_memory, "account_uuid": account - + }, "categories": {"TenantName":"@@{tenant_name}@@".strip()} }, @@ -239,13 +239,13 @@ def create_env(): guest_customization = {"cloud_init":{"user_data": """@@{guest_customization_script}@@"""}} payload['spec']['resources']['substrate_definition_list'][0]['create_spec']\ ['resources']['guest_customization'] = guest_customization - + url = _build_url(scheme="https",host="localhost", resource_type="/environments") data = requests.post(url, json=payload, auth=HTTPBasicAuth(management_username,management_password), timeout=None, verify=False) if not data.ok: - print("Error while creating environment ---> ",data.json().get('message_list', + print("Error while creating environment ---> ",data.json().get('message_list', data.json().get('error_detail', data.json()))) exit(1) return {"uuid": data.json()['metadata']['uuid'], @@ -254,4 +254,4 @@ def create_env(): environment = {} if "@@{create_environment}@@".lower() == "yes": environment = create_env() -print("environment_details={}".format(environment)) \ No newline at end of file +print("environment_details={}".format(environment)) diff --git a/scripts/Tenant_onboarding_runbook/create_environment.py b/scripts/Tenant_onboarding_runbook/create_environment.py index ba31051..97b9d79 100644 --- a/scripts/Tenant_onboarding_runbook/create_environment.py +++ b/scripts/Tenant_onboarding_runbook/create_environment.py @@ -20,9 +20,9 @@ def _build_url(scheme, resource_type, host=PC_IP, **params): else: url += "/{0}".format(resource_type) return url - + def get_cluster_account_uuid(): - cluster_name = "@@{cluster_name}@@".strip() + cluster_uuid = "@@{cluster_uuid}@@".strip() account_name = "@@{account_name}@@".strip() url = _build_url(scheme="https",host="localhost",resource_type="/accounts/list") data = requests.post(url, json={"kind":"account","length": 250}, @@ -31,19 +31,19 @@ def get_cluster_account_uuid(): if not data.ok: print("Error while fetching account details. -->", data.json()) exit(1) - + if account_name in str(data.json()): for new_data in data.json()['entities']: if new_data['metadata']['name'] == account_name: - for _cluster in new_data["status"]["resources"]["data"]["cluster_account_reference_list"]: - if _cluster["resources"]["data"]["cluster_name"] == cluster_name: - return _cluster["uuid"] + for _account in new_data["status"]["resources"]["data"]["cluster_account_reference_list"]: + if _account["resources"]["data"]["cluster_uuid"] == cluster_uuid: + return _account["uuid"] print("Error : %s account not present on %s"%(account_name,PC_IP)) exit(1) else: print("Error : %s account not present on %s"%(account_name,PC_IP)) exit(1) - + def _get_spec(): tenantuuid = "@@{tenant_uuid}@@" account = get_cluster_account_uuid() @@ -54,7 +54,7 @@ def _get_spec(): project_subnet = @@{overlay_subnet_details}@@ env_memory = (@@{project_memory}@@ / 2) * 1024 subnet_references = [] - + connection_type = "POWERSHELL" connection_port = 5985 connection_protocol = "http" @@ -62,13 +62,13 @@ def _get_spec(): connection_type = "SSH" connection_port = 22 connection_protocol = "" - + nic_list = [] nics = {} nics['subnet_reference'] = {'uuid': project_subnet["uuid"]} subnet_references.append({'uuid': project_subnet["uuid"]}) nic_list.append(nics) - + url = _build_url(scheme="https", resource_type="/idempotence_identifiers") data = requests.post(url, json={"count": 2,"valid_duration_in_minutes": 527040}, @@ -95,7 +95,7 @@ def _get_spec(): }, "uuid": creds_uuid }] - + if _creds_type == "KEY": _pass = {"passphrase": { "attrs": { @@ -143,7 +143,7 @@ def _get_spec(): serial_port = [] serial_port.append({"index": 0, "is_connected": True}) - + return ({ "api_version": "3.0", "metadata": { @@ -191,7 +191,7 @@ def _get_spec(): "num_vcpus_per_socket": 1, "memory_size_mib": env_memory, "account_uuid": account - + }, "categories": {"TenantName":"@@{tenant_name}@@".strip()} }, @@ -239,13 +239,13 @@ def create_env(): guest_customization = {"cloud_init":{"user_data": """@@{guest_customization_script}@@"""}} payload['spec']['resources']['substrate_definition_list'][0]['create_spec']\ ['resources']['guest_customization'] = guest_customization - + url = _build_url(scheme="https",host="localhost", resource_type="/environments") data = requests.post(url, json=payload, auth=HTTPBasicAuth(management_username,management_password), timeout=None, verify=False) if not data.ok: - print("Error while creating environment ---> ",data.json().get('message_list', + print("Error while creating environment ---> ",data.json().get('message_list', data.json().get('error_detail', data.json()))) exit(1) return {"uuid": data.json()['metadata']['uuid'],