VMware Cloud Expert

Lab 02 - Cloud Operations Automation (PowerCLI, APIs)



With diverse applications deployed across multiple clouds, your IT portfolio is becoming increasingly complicated. Simplify your multi-cloud operations with VMware.

The VMware Cloud Operating Model is a framework that binds your business, application, and cloud strategies together to accelerate agility, optimize performance, and control your multi-cloud environment. It brings people, process, and technology together for consistent service delivery, operations, and governance wherever workloads reside, for today and the future by:

  • Transforming IT Ops by delivering self-service clouds, with rapid elasticity and a full set of consumable APIs.
  • Align to CloudOps and embrace your existing clouds to optimize your investments, strengthen security and governance, and deliver a framework for accountability and clarity.
  • Efficiently extend cloud management processes and capabilities to new public cloud services and environments through a repeatable on boarding process.

With the emergence of Multi-Cloud adoption for a myriad of reasons by organizations of all sizes, we can see even clearer the challenges that abound when managing workloads in multiple environments, by different teams attempting to ensure governance and organization policy adherence, while using different tools, each dedicated to a given environment. With the VMware Cloud Operating Model you use traditional VMware On-Premises Operations Management tools which have now been optimized for Cloud Management as well, to mange your On-Premises environment, VMware assets, running in one or more Hyper-Scalers (AWS, AZURE, Google Cloud, IBM Cloud, etc...), as well as Native Cloud workloads and services


Task 1 - Gather Cloud vCenter Information

PowerCLI is a PowerShell-based command-line interface for managing VMware vSphere. VMware describes PowerCLI as "a powerful command-line tool that lets you automate all aspects of vSphere management, including network, storage, VM, guest. PowerCLI can also be used to manage and automate other VMware Technologies such as:

  • HCX
  • VMC on AWS
  • NSX-T
  • etc...

In Multi-Cloud scenarios PowerCLI is a compelling tool that can be used for Day-0 through Day-2 operations. Everything from Creating a new SDDC, to adding adding Clusters, and even deploying and managing workloads.

In this lab task we will use PowerCLI to:

  • Create a Content Library
  • Upload an OVF to the content library
  • Deploy a Virtual Machine


  1. From your Virtual Desktop, launch the Web Browser (Google Chrome Preferred)
    and go https://vmc.vmware.com/console/sddcs

NOTE: For instructions on accessing your Virtual Desktop please see "Lab 1 - Accessing the Environment"

  1. Login with your VMC on AWS console credentials provided by your instructor.
  2. Type <Your Assigned login Credentials> in the email address field i.e. vmcexpert#-XX@vmware-hol.com (where # is your Environment ID, and XX is your assigned student number)
  3. Click NEXT
  4. Type VMware1! in the Password field
  5. Click SIGN IN

If you didn't do so in Lab 1, bookmark this page so you can access it quicker in subsequent steps

NOTE: Upon signing in you'll notice there are two or more SDDCs named VMCExpert#-XX (Where XX indicates your student number). Unless instructed to, only use the SDDC that matches your assigned Student number

Identify your SDDC, (VMCexpert#-XX, where XX is your Student Number). At the top left  of the SDDC tile (i.e. VMCExpert3-31).

  1. Click VIEW DETAILS on your SDDC Tile
  2. Click the Settings Tab
  3. Under vCenter Information Identify and record the Cloud vCenter FQDN and/or Public IP (I.E. vcenter.sddc-xx-xx-xx-xx.vmwarevmc.com)
  4. Identify and record the Default vCenter User Account Username and Password

NOTE: You will use this FQDN and credential with PowerCLI in the next task

Task 2 - Infrastructure Management with PowerCLI
  1. From your Virtual Desktop, launch PowerShell 7 or Windows Terminal
  2. type the following commands to confirm the PowerCLI Configuration and PowerShell Execution Policy
Connect-VIServer {Your_Cloud_vCenter_FQDN or IP} -Username cloudadmin@vmc.local -Password {Your_Default_vCenter_User_Password}


  1. In PowerShell or Windows Terminal type the following command to create a Content Library and Upload an Ubuntu Desktop Virtual Appliance
New-ContentLibrary -Name {YourStudentName}_CL -Published -Datastore 'WorkloadDatastore'

New-ContentLibraryItem -ContentLibrary {Your_Content_Library} -Name 'Ubuntu-21_Desktop' -Files @("C:\Lab_Files\OVAs\Ubuntu-OVF\Ubuntu21-DT.mf", "C:\Lab_Files\OVAs\Ubuntu-OVF\Ubuntu21-DT.ovf", "C:\Lab_Files\OVAs\Ubuntu-OVF\Ubuntu21-DT-1.vmdk", "C:\Lab_Files\OVAs\Ubuntu-OVF\Ubuntu21-DT-2.nvram") -ItemType 'ovf'
  1. Access your SDDC Console Browser tab, and log into your SDDC is required
  4. Copy and Record the Default vCenter Credentials Password
  6. Log into vCenter as:
    • cloudadmin@vmc.local
    • {Default_vCenter_User_Password} (Copied from step 7)
  7. Bookmark this page and save the cloudadmin username and password for quicker access to vCenter
  8. In the upper left-hand corner Click the Hamburger Menu (3 vertical lines)
  9. Click Content Libraries
  10. Click {Your Content Library} to inspect it
  11. Click Templates, then OVF & OVA Templates. Your Ubuntu Virtual Appliance should be present
  1. Type the following command to create a Virtual Machine Folder in the vCenter Inventory
New-Folder -name CloudProxies -Location (Get-Folder vm)
  1. Back in the browser window for vCenter, go to the VMs and Templates view to confirm that the folder appears.

We will now create a virtual machine from the Content Library

  1. Return to or launch PowerShell or Windows Terminal
  2. Type the following commands, first to create the Virtual Machine, then to Power it

Please wait for the 1st command to complete before running the 2nd command (Start-VM). Also, when prompted to confirm the VM power-on operation type Y

Get-ContentLibraryItem -Name Ubuntu-21_Desktop | New-VM -name Ubuntu-DT -Location 'Workloads' -ResourcePool 'Compute-ResourcePool'

Start-VM -VM 'Ubuntu-DT' -Confirm -RunAsync
  1. Back in the browser window for vCenter, confirm that the "Ubuntu-DT" VM deployed successfully and is powered-on

In Multi-Cloud scenarios, it is not uncommon to have multiple SDDC and Multiple vSphere clusters running across VMC on AWS, Azure VMware Solution, Google Cloud VMware Engine, IBM Cloud, just to name a few. The challenge however is to ensure each environment has a standardized inventory hierarchy, the required golden templates and virtual appliances needed to deploy workloads, customization specifications, and even the appropriate RBAC to control user access. In all these cases, standard PowerCLI commands (the same as those used on-premises) can be used to standardize these cloud-based vSphere environments.


Task 3 - Using the VMware.VMC PowerShell Module

VMware.VMC is a PowerShell Module for Managing VMware Cloud on AWS. Using this module you can do the following:

  1. Retrieve your AWS Account & VPC Information
  2. Connect to VMware Cloud
  3. Retrieve your VMC on AWS Organization Information
  4. Create and Manage SDDCs
  5. Create & Manage SDDC Clusters
  6. etc...

To use this module you must 1st generate an API Key. API Tokens are used to authenticate when authorized API connections are instantiated. Previously called an OAuth Refresh token, an API token is exchanged for an access token and authorizes access per organization. API tokens are generated from the account page in Cloud Services Console or through the VMware Cloud Services.

In this lab task you will do the following:

  1. Generate an API Token
  2. Retrieve your VMC on AWS Organization, SDDC and Cluster Information
  1. From your Virtual Desktop,  go to your SDDC Console https://vmc.vmware.com/console/sddcs
    and Login if required.

NOTE: Login steps can be found in steps 2 through 6 of Task 1

  1. In the Upper right-hand corner Click the {Username/Org} Dropdown
  2. Click My Account
  1. Click the API Tokens Tab
  3. Select the following Options and Value(s):
    • Token Name: {Your_Student_Acct}_API_Token (I.E. VMCExpert3-31_API_Token)
    • Organization Roles: Organization Owner
    • Service Roles: 
      • VMware Cloud on AWS
      • VMware vRealize Log Insight Cloud
      • VMware vRealize Network Insight
      • VMware vRealize Operations Cloud 
      • VMware Cloud Assembly
      • VMware Code Stream
      • VMware Service Broker
  4. Click GENERATE
  5. Click COPY
  6. Click CONTINUE
  1. Open Notepad, Paste in the API Key and save the file on the desktop

Make sure to save this refresh token in a safe place to be used in the next section when using API’s in Postman.

Now let’s attach to the VMC server, input the command below and append the refresh token after the -refreshtoken parameter

  1. From the Virtual desktop Launch Powershell or Windows Terminal, if neither is no longer open
  2. Type the following command in the PowerShell or Windows Terminal Window
Connect-VMC -RefreshToken {"Your_API_Token_From_Step_7"}
  1. Type the following commands in the PowerShell or Windows Terminal Window

Get-VMCOrganization -Name {Your_VMC_Organization_Name}


Get-VMCSDDCDefaultCredential -Org {Your_VMC_Organization}
Task 4 - Work with the VMC on AWS REST APIs

The VMC on AWS APIs allows you to Build, Automate and Manage your Software Defined Data Centers (SDDCs) running on VMware Cloud on Amazon Web Services 

The VMware Cloud on AWS APIs are organized around REST (“Representational State Transfer”) operations for performing create, retrieve, update and delete operations on VMware Cloud on AWS resources. For ease of use and security, REST builds on the standard web protocols HTTP and HTTPS, using the normal network ports 80 and 443, which are both open in most data centers, and uses standard HTTP response codes and verbs.

As a Cloud Service VMware Cloud on AWS APIs are not publicly available and require an API Token for programmatic use. You will need a VMware Cloud Services account to generate an API Token which you will use to programmatically call APIs from your programming language of choice.

In this task we will be using the VMware Cloud on AWS REST API to get some basic information about your VMware Cloud on AWS Organization and SDDC deployment. To do this we will be using the new Developer Center feature in VMware Cloud on AWS. This was built specifically to focus on using APIs and scripts to create SDDCs, add and remove hosts, plus connect to and use the full vCenter API set. To get started, let go back to your VMC environment.

  1. From your Virtual Desktop, launch the Web Browser (Google Chrome Preferred)
    and go https://vmc.vmware.com/console/sddcs if  prompted
  2. If your Browser window is still logged in from Task 3, click Services, then VMware Cloud on AWS. If not, you can skip this step
  3. Click Developer Center
  4. Click Code Samples
  5. Type Powershell in the Search Textbox
  6. Click on Download in the “PowerCLI - VMC Example Script” Tile
  1. After the Download Completes, Click on the File and Extract its Content
  2. In the extracted folder navigate to PowerCLI-Example-Scripts-master\Scripts\VMware_Cloud_on_AWS
  3. Right-Click the VMC Example Script File and Click Edit

This will open the PowerShell ISE environment. Now you can see the PowerShell commands you used in the previous task as well as other commands you can use with your SDDC. Review the commands and close the PowerShell ISE windows

  1. In the SDDC Console browser window, click on the API Explorer tab
  2. In the SDDC Drop-Down, Select your SDDC (I.E. VMCExpert3-31)
  3. Expand the VMware VMware Cloud on AWS Menu,  Click General
  4. Under API Category expand orgs
  5. Click Execute, Yous VMC Organization(s) will be displayed
  1. Expand the Response for your Organization and Inspect the output
  2. Take not of and save the organization ID
  1. Scroll down and expand sddc
  2. Expand GET    /orgs{org}/sddcs
  3. Confirm that the correct org id is displayed in the org field, if not, please input the correct ID
  4. Click Execute
  1. Review the Response Output


Organizations must decide on a cloud strategy that meets the needs of their business, whether that is hybrid cloud and/or multi-cloud. Hybrid cloud is defined as the use of private cloud, and public cloud platforms to provide a flexible mix of cloud computing services, allowing for consistent infrastructure, simplified workload migration and placement. Multi-cloud, by comparison, is defined as the use of two or more public cloud providers with or without any existing private cloud infrastructure. Multi-cloud is an emerging strategy employed by organizations that need to meet specific technical requirements and business outcomes by leveraging services across multiple cloud providers simultaneously. Organizations adopt this approach when faced with a scenario where no one cloud platform is able to meet all their technical requirements or deliver all the necessary outcomes for the business. This often occurs through mergers and acquisitions (M&A), where businesses find themselves with application, operational and financial ownership across clouds that may not align with their initial cloud strategy. This model affords organizations the flexibility, choice, and unique opportunity to be intentional about their approach to infrastructure and application modernization (e.g., refactor/build, replatform, rehost/migrate, retain, or retire)

  • Refactor / Build involves changing the application at the source code level. Typically, applications are re-written to take advantage of cloud micro-services architecture and to incorporate new services such as IoT, machine learning, and others.
  • Replatform involves changing the operating system, such as going from Windows to Linux, modifying the application middleware, such as going from a self-managed database to a cloud provider managed database or from a virtual machine to a container image.
  • Rehost / Migrate involves either changing the hypervisor. (e.g., migrate applications from one virtualized environment to another) which is known as Rehost or moving an application without changing the underlying hypervisor or application at a source code level (e.g., migrate VMs from one virtualized environment to another without requiring changes) which is known as Relocate.
  • Retain means leaving workloads in a private cloud environment
  • Retire means decommissioning workloads and/or converting to SaaS

For most organizations, the need for a multi-cloud strategy is rapidly becoming an inevitability. Considerations for multi-cloud are not limited to just technical decisions. Service level agreements (SLAs) and service level objectives (SLOs), instance types or node specifications, region/availability zone (AZ) placement, storage, and network performance characteristics are important factors, but do not stand alone. Business considerations such as existing commercial agreements, regulatory compliance requirements, organizational culture and cloud perception, skills availability, and many others are also critical concepts to weigh in when building out a complete multi-cloud strategy. The VMware Multi-Cloud Management Framework provides cross-cloud/cross platform tools for system-wide management.


Add your comment

E-Mail me when someone replies to this comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.