Identifying the users, roles and their privileges in Telco Cloud Automation from the database

search cancel

Identifying the users, roles and their privileges in Telco Cloud Automation from the database

book

Article ID: 399994

calendar_today

Updated On:

Products

VMware Telco Cloud Automation

Issue/Introduction

Procedure to fetch user accounts that have access to Telco Cloud Automation from postgres database

Environment

Telco Cloud Automation 3.X

Resolution

A) SSH to TCA Manager VM using admin account

debug-tca-cluster
wait for 15 seconds
debug-tca
select options on prompt to 'Connect to Postgres'
Connecting to Postgres pod postgres-0 in namespace tca-mgr
kubectl exec -it -n tca-mgr -c pg-container postgres-0 -- /bin/bash -c psql -U tca_admin -d tca

B) SSH to TCA Manager VM using admin account

kubectl exec -it postgres-0 -n tca-mgr -- psql -d tca -U tca_admin -h localhost

1. tca=> select val ->> 'name' as name, val ->> 'roleId' as roleid, val -> 'usersAndGroups' as userandgroups from "RbacPermissions";

[ RECORD 1 ]-+-------------------------------------
name | Tcf Admin Permission
roleid | 0f19a136-60ac-40a6-bc17-2798161873e3
userandgroups | ["admin"]
-[ RECORD 2 ]-+-------------------------------------
name | System Admin Permission
roleid | edf27bb9-d3de-4737-8c25-0bece2d591ad
userandgroups | ["vsphere.telco.com\\administrator"]

2. tca=> select * from "ApplianceConfig";

id | 4
val | {"config": {"url": "https://vc.telco.com", "UUID": "3b8a4515-6138-476c-ae71-6c58d9cd18f0", "name": "resvcenter.telco.com", "osType": "linux-x64", "vcuuid": "70330d35-6e45-4cb2-8834-732886920afc", "version": "8.0.3.24022515", "password": "7RoDqujPdAkJIcTpJer2d+QB1Nw9QOp6xCMvjoVr/Qg=", "userName": "[email protected]", "buildNumber": "24022515"}, "section": "vcenter", "isDeleted": false, "enterprise": "HybridityAdmin", "creationUser": "HybridityAdmin", "organization": "HybridityAdmin", "lastUpdateUser": "HybridityAdmin", "creationTenantId": "default", "creationEnterprise": "HybridityAdmin", "creationOrganization": "HybridityAdmin", "lastUpdateEnterprise": "HybridityAdmin", "lastUpdateOrganization": "HybridityAdmin"}
creationDate | 2025-02-16 13:19:17.464657
lastUpdated | 2025-05-19 10:21:15.684723

3. tca=> select val -> 'interfaceInfo' ->> 'url' as url, val -> 'accessInfo' ->> 'username' as username from "Extension" where val ->> 'extensionSubtype' = 'Harbor';

-[ RECORD 1 ]-------------------------
url | https://harbor.telco.com
username | admin
-[ RECORD 2 ]-------------------------
url | https://harborcnf.telco.com
username | admin

C) SSH to Harbor VM using root account

docker exec -it harbor-db /bin/bash
postgres [ / ]$ psql -d registry
psql (15.10)
Type "help" for help.

registry=# select username,realname from harbor_user;
username | realname
-----------+----------------
anonymous | anonymous user
admin | system admin
test | test account
(3 rows)

Additional Information

More details on Telco Cloud Automation Privileges and Roles

Feedback

thumb_up Yes

thumb_down No