5.6
Table Of Contents
- vCloud Air Platform Programmer's Guide
- Contents
- About this Programmer's Guide
- About the vCloud Air Platform APIs
- The VMware APIs for Cloud Automation
- XML Namespace Identifiers
- Overview of Object Types
- Link Relationships in the Object Types
- API Versioning
- Roles for the APIs for Cloud Automation
- Authentication and Authorization
- vCloud Air Platform APIs Schema Reference
- Java Code Samples for Cloud Automation
- About the Examples in this Programmer's Guide
- Hello vCloud Air : A RESTful Workflow
- Index
Additionally, the combination of the vCloud Air Platform APIs and the vCloud API require that a client
obtain the version of the vCloud instance and its API version. Specifically, the client must obtain which
version of vCloud is supported by a given vCloud instance. vCloud Air might be deployed with more than
one version of the vCloud instance.
vCloud Air can support multiple versions of the vCloud instance. A client can access the vCloud instance
deployed with vCloud Air regardless of its version. When a client sends a GET Compute request, the client
receives a response containing a VCloudSession element, which includes a VdcRef reference. The VdcRef
reference includes an href to the virtual data center.
Roles for the APIs for Cloud Automation
vCloud Air includes predefined roles. Each of these roles includes a set of default rights.
For information about the rights available for each predefined role invCloud Air, see User Privileges by
Role.
The following roles have access to the vCloud Air Platform API:
n
Virtual infrastructure administrator – allows management of virtual data centers, virtual machines, and
backup settings
n
Read-Only administrator – read access to all administration objects
n
End User role – read write access
These vCloud Air roles map the following roles in vCloud API as follows:
Table 1‑2. vCloud Air Roles Mapped to vCloud API Roles
vCloud Air vCloud API – Dedicated Cloud vCloud API – Virtual Private Cloud
Virtual Infrastructure Administrator Dedicated VPC Administrator VPC Administrator
Read-Only Administrator Read-Only VPC Administrator Read-Only VPC Administrator
End User VPC User VPC User
Each of the vCloud API roles—Dedicated VPC Administrator, Read-Only VPC Administrator, and VPC
User—provide access to vCloud functionality. See the following VMware Knowledgebase article for the
access list for each of the vCloud API roles:
Understanding user roles within VMware vCloud Air (2053484)
Authentication and Authorization
Users authenticate with vCloud Air by supplying credentials established when the vCloud Air user was
created. User credentials are authenticated by the identity management system for vCloud Air.
Authenticating with vCloud Air returns a vCloud Air authorization token that the client can use to receive
an authorization token from vCloud. The client only needs to present authentication credentials once to
access each functional boundary (vCloud Air and vCloud) surfaced by the API.
Authentication with vCloud Air
HTTP communications between a vCloud Air client and server are secured with SSL. vCloud Air
implements Basic HTTP authentication, as defined by RFC 2617, which enables a client to authenticate by
including an Authorization header in the request. The Authorization header contains the basic credentials
in Base64 encoding containing a user name and password.
The authentication for this exchange uses the following format:
Chapter 1 About the vCloud Air Platform APIs
VMware, Inc. 11