Change password rotation to a custom value, in SDDC manager, via Developer center
Article ID: 370275
Updated On:
Products
Issue/Introduction
Password rotation for components is documented in VMware Cloud Foundation 5.2 Administration Guide.
Default values, as per the aforementioned documentation are:
You can set the password rotation interval (30 days, 60 days, or 90 days). You can also deactivate the schedule.
This document outline how to set a custom rotation interval value.
Resolution
Before proceeding, a snapshot of the SDDC Manager is required.
- In The SDDC Manager UI Navigate to Developer center -> filter for "passwords" -> APIs for managing Credentials -> select PATCH /v1/credentials
- Using the example below, modify the "frequencyInDays" to set a custom rotation interval value.
{ "operationType" : "UPDATE_AUTO_ROTATE_POLICY", "elements" : [ { "resourceName" : "FQDN", "resourceType" : "VCENTER", "credentials" : [ { "credentialType" : "SSH", "username" : "root" } ] } ], "autoRotatePolicy" : { "frequencyInDays" : "5",
"enableAutoRotatePolicy": true } }
Note: The detailed information on the API below
{
"operationType" : "UPDATE_AUTO_ROTATE_POLICY", < this is the value in question, other options include "UPDATE, ROTATE, REMEDIATE, UPDATE_AUTO_ROTATE_POLICY"
"elements" : [ {
"resourceName" : "<FQDN of Component>", < for what component we change the password
"resourceType" : "<NSXT_MANAGER used as example>", < other options include "ESXI, VCENTER, PSC, NSX_MANAGER, NSX_CONTROLLER, NSX_EDGE, NSXT_MANAGER, NSXT_EDGE, VRLI, VROPS, VRA, WSA, VRSLCM, VXRAIL_MANAGER, BACKUP"
"credentials" : [ {
"credentialType" : "SSH",
"username" : "<root or admin or audit>" < MANDATORY
} ]
} ],
"autoRotatePolicy" : {
"frequencyInDays" : "<number of days>", < MANDATORY - set to a specific number of days - e.g. 5 days
"enableAutoRotatePolicy": true < MANDATORY - Value are true or false
}
}
Feedback
