esxi_password_seed.ps1
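# Performs a discovery of the VMware hosts within vCenter and
# saves them to Vault with a supplied password.
# Pass the vcenter, vaultserver, host password and vault token as parameters.
#
# Workflow:
# a. Log in to vCenter and list all ESXi hosts
# b. For each host, write the specified password to Vault under systemcreds/esxihosts/<host>
#
# Security notes:
# - $hostpwd and $vaulttoken are plain [string] parameters, so their values can
#   end up in shell history, process listings and PowerShell transcripts or
#   script-block logs. The parameter types are kept so existing callers still
#   work; run this only from a session where that exposure is acceptable.
# - $vaultserver is used exactly as given. It should be an https:// URL,
#   otherwise the token and the password cross the network in clear text.
# - The same password is written for every host found.
param (
    [Parameter(Mandatory=$true)][string]$vcenter,
    [Parameter(Mandatory=$true)][string]$vaultserver,
    [Parameter(Mandatory=$true)][string]$hostpwd,
    [Parameter(Mandatory=$true)][string]$vaulttoken
)

Write-Output "VCenter Server: $vcenter"
Write-Output "Vault Server: $vaultserver"
# The token is a bearer credential; echoing it would copy it into console
# output, CI logs and transcripts, so only acknowledge that one was supplied.
Write-Output "Vault Token: (supplied, not displayed)"

# Connect to vCenter or ESXi Host and enumerate hosts to be updated.
# Stop here if the connection fails rather than continuing with no session.
Connect-VIServer $vcenter -ErrorAction Stop
$hosts = @()
try {
    # NOTE(review): -match "i" is a case-insensitive regex that accepts any
    # product name containing the letter "i"; presumably intended to select
    # ESXi hosts - confirm before tightening the pattern.
    # Full cmdlet names are used because the 'sort' alias is not defined on
    # every PowerShell platform.
    $hosts = @(
        Get-VMHost | Sort-Object | Get-View |
            Where-Object { $_.Summary.Config.Product.Name -match "i" } |
            ForEach-Object { $_.Name }
    )
}
finally {
    # Always release the vCenter session, even if enumeration failed.
    Disconnect-VIServer -Confirm:$false
}

# Commit new password to Vault
$headers = @{ "X-Vault-Token" = $vaulttoken }
foreach ($vmhost in $hosts) {
    Write-Host "Updating Vault for $vmhost..."

    # Serialise with ConvertTo-Json so quotes, backslashes or control
    # characters in the password are escaped instead of breaking (or
    # altering the structure of) a hand-built JSON string.
    $JSON = [ordered]@{
        options = [ordered]@{ max_versions = 10 }
        data    = [ordered]@{ password = $hostpwd }
    } | ConvertTo-Json -Depth 3 -Compress

    # Escape the host name so it stays a single path segment of the URI.
    $uri = "$vaultserver/v1/systemcreds/data/esxihosts/" + [uri]::EscapeDataString($vmhost)

    try {
        # -ErrorAction Stop turns any failure into an exception, so the
        # success message below is printed only after a successful write.
        Invoke-RestMethod -Headers $headers -Method POST -Body $JSON -ContentType "application/json" -Uri $uri -ErrorAction Stop
        Write-Output "Root password was stored in Vault for ESXi host - $vmhost"
    }
    catch {
        Write-Output "Error saving new password to Vault."
        # Report which host failed and why; the message comes from the HTTP
        # error and neither the token nor the password is written here.
        Write-Warning "Vault write failed for ${vmhost}: $($_.Exception.Message)"
    }
}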