If you do not have access to Pure1, or you want to customize the FlashArray connections as added, you can manually authenticate each FlashArray or Cloud Block Store storage platform. To do so, navigate to the Import FlashArray certificate from URL workflow under Library > Everpure > FlashArray Connection Management. Right-click and choose Start workflow:
Enter in the FQDN of the FlashArray management address and choose whether or not to accept an untrusted certificate. Click Submit.
Now right-click on the workflow Add FlashArray Connection and choose Start workflow.
Enter in the following pieces of information:
- Name. This is a friendly name and can be anything.
- IP/FQDN. Enter in whatever you entered when adding the certificate.
- REST API version. If you have added the certificate, the workflow will pull all available REST API versions and will choose the latest available on on that array. If this list does not show up (make sure autopopulate is set to yes), it means either the certificate was not loaded, or the IP/FQDN was entered incorrectly.
- Credentials. Enter in a user name and password.
The vRO Plugin does not yet support REST API version 2.x on the FlashArray so those versions are filtered out. Support for that will be in a future release.
Click Submit to add the FlashArray.
Once added it will appear in the vRO inventory. Navigate to the inventory tab, then click on Everpure. A FlashArray will be added to the Pure1 organization owning it if the Pure1 organization is authenticated in vRO. If it is not, it will be added to the default group called Uncategorized. Both FlashArrays and Cloud Block Storage connections will appear under the FlashArray Connection folder.
Permission Requirements of a FlashArray Connection
A FlashArray or Cloud Block Store supports a variety of permission levels:
While vRO does not require a certain level, the higher level credentials you provide, the more you can do with the plugin. If you plan on orchestrating array configuration or pod creation/management, you will need array admin permissions. If you plan to only configure and provision storage, storage admin will suffice.
It is recommended, however, to create a local service account (or through LDAP/active directory) to authenticate the plugin.