VMware Skyline – An Adventure with API and PowerBI – Part 1
Introduction
I’ve known about the VMware Skyline API capabilities since they were released in December 2021 but never really had an opportunity to look into them and a use for them. As I write this, I feel that I should clarify that I am a VMware employee and my use of VMware Skyline is to assist my customers to help avoid issues within their environments by focusing on rectifying the proactive findings that Skyline generates for them.
As of writing this, there is the public facing Skyline Advisor Pro site designed for customer use with a similar internal Skyline Viewer site for relevant VMware staff to assist their customers. The API capabilities are only made available through the Skyline Advisor Pro site, and therefore access and usability of these capabilities as a VMware staff member have been limited.
As additional background information, I have not really used any API capabilities myself in earnest before, so this has been a real adventure learning a little about APIs, the Skyline APIs and a potential use within PowerBI. I was also surprised to see that there was actually very little mentioned across the web of how to utilise PowerBI to connect to APIs in general and especially with regards to utilising a changing bearer token when you need to access the APIs for an update, but we’ll come to that later. I will try to provide references to sources that have helped through this journey but I apologise if I have missed anyone.
Part 2 of this series can be found here:
https://www.virtualworlduk.co.uk/wordp/2023/10/13/vmware-skyline-an-adventure-with-api-and-powerbi-part-2/
Part 3 of this series can be found here:
https://www.virtualworlduk.co.uk/wordp/2023/10/19/vmware-skyline-an-adventure-with-api-and-powerbi-part-3/
The Goal
The goal of this little adventure was to try to find a repeatable method to connect PowerBI to the VMware Skyline APIs to extract useful information on current findings related to the customer that could then be manipulated within PowerBI to provide useful information and summaries… almost filling some of the reporting gaps within Skyline.
Just for clarification, this blog series will focus on the journey from Skyline APIs to PowerBI and I hope that this will form a starting point for others to utilise to create useful reports within PowerBI where they manipulate the available data and then share the results with the world.
Getting Started
Rather than reinventing the wheel with regards to getting started with enabling the API User role within Skyline and generating the API token etc., I would refer you to the information created by Sonny Nguyen here: https://blogs.vmware.com/kb/2021/12/skyline-insights-api-getting-started.html
The basics
If you have followed the instructions provided by Sonny in the link above, then you should have given yourself the API User role and generated your API token. Your API token is similar to your username, when you run the correct command with your API token to the Skyline environment, you’ll be provided with a time sensitive access token… similar to a two-factor authentication code.
This means that although your API token won’t change (unless you need to reset it), your access token will change on a frequent basis. The result of the access token changing on a frequent basis is that quite often you would need to generate a new access token each time you wished to refresh any exported data. The fact that this access token changes frequently is one of the challenges we need to overcome as part of the PowerBI report. We cannot use a static value for the access token within the report, as the access token value changes… but we’ll tackle that later.
Testing Access Token Creation - outside of PowerBI
We’ll use the following method to create the access token and then test that the Access Token is created correctly.
There are a couple of methods of using Curl on a Windows machine. The Curl commands that Sonny listed on his blog post could be used with the Curl command line for windows or by using Postman. To keep things simple, I have preferred to use the Curl command line interface in Windows, from the command prompt. To install Curl, I would suggest following the instructions here:https://www.thewindowsclub.com/how-to-install-curl-on-windows-10
Once the Curl command line has been downloaded and installed, we can use the Curl commands that Sonny provided to generate the access token.
Open up a command prompt and paste the following code into it, remembering to replace the ‘YOUR-API-TOKEN’ with the API token you generated earlier in Skyline.
curl -s -X POST https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?grant_type=refresh_token \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode "refresh_token=YOUR-API-TOKEN" | jq -r .access_tokenIf you press return after entering the code, you should see a response similar to below:
As you may understand, the access_token that is generated appears directly under the command that we just entered. I have blocked out the majority of the access_token as this is sensitive data but the access_token is multiple lines in length and needs to be copied in its entirety into the next section.
As you will remember this access token is time sensitive, and therefore you will need to perform the next action quickly after creating the access token to avoid it expiring before being able to use it.
If you remember from the previous blog post you would go to the Insights APIs part of Skyline Advisor and then click the ‘View API Explorer’ button to start up the GraphiQL site where we can test the token.
The following code is the code that Sonny provided and is best to test this using the GraphiQL interface from within Skyline Advisor Pro.
Remember to replace the ‘YOUR-ACCESS-TOKEN’ section with your access token generated earlier.
curl -s -X POST https://skyline.vmware.com/public/api/data -H "Authorization: Bearer YOUR-ACCESS-TOKEN" -H 'Content-Type: application/json' -d '{"query": "
{
activeFindings(
start: 0
limit: 1
orderBy: { field: OBJECTS_COUNT, order: ASC }
) {
findings {
findingId
kbLinkURLs
affectedObjects {
objects {
sourceName
objectName
}
}
}
}
}
"}' | jq .
}Hopefully at this point everything has been tested and you have seen a list of responses from the previous command.
In the next part of this blog series we’ll look at building the first part of the PowerBI report. When testing the data collection part of the PowerBI report we’ll be manually adding in the access_token value, we’ll try to auto-generate the access_token in a later part of the series.