In my role at the current organization, I have been in charge of the deployment of the VMware Aria Suite, formerly known as “vRealize”. This suite is particularly beneficial for environments that heavily depend on VMware. A key component of this suite is Aria Automation. This tool is renowned for its cloud-agnostic VM provisioning capabilities, utilizing Infrastructure-as-Code principles through YAML blueprint templates. This enables users to effortlessly create VMs on-demand through a self-service catalog. Complementing Aria Automation is Aria Orchestrator, which facilitates various workflows to optimize the VM build process.

Advantages of Aria Automation

Stepping Stone to IaC

Despite the existence of more popular tools like Terraform, Aria Automation stands out for its simplicity and accessibility, especially for organizations transitioning to Infrastructure-as-Code methodologies. It’s ideal for companies that still rely on manual, step-by-step instructions for VM builds, documented in formats like Word. Aria Automation’s user-friendly graphical schema interface requires minimal coding knowledge, making it an attractive choice for businesses with existing VMware licenses and no automated VM build workflows.

Integration with Orchestrator

When the Aria Automation Event Broker reports on each step of the provisioning process, Orchestrator can be triggered at any of these steps via Subscriptions. Within Aria Automation itself, you are limited to using cloud-init for post-provision setup, but various Orchestrator workflows and actions can rep by taking advantage of existing scripts and working with third-party solutions, like ones for IPAM to automatically assign an address and update the IPAM. These actions can also populate the drop-down fields of values in the Aria Automation catalog forms, so that instead of needing to manually input, for example, all of the distributed port groups in your environment: an Orchestrator action can retrieve all of them on the fly when a user loads the form.

Challenges with Aria Automation

Inadequate Documentation

One major drawback of Aria Automation and Aria Orchestrator is VMware’s underwhelming documentation. The official guides are superficial and lack comprehensive details and practical examples. This gap in information forced me to rely on outdated blog posts for understanding and implementing the provisioning workflow, including the interplay between Aria Automation and Aria Orchestrator. This inadequacy in guidance has led many businesses to seek VMware’s Professional Services, rather than attempting in-house implementation.

User Account Control (UAC) Limitations

A significant challenge I encountered was related to the “Run process in Guest OS” workflow. This workflow is useful for executing Batch or PowerShell scripts but requires actions within these scripts to be non-interactive, avoiding any User Account Control (UAC) prompts. Although there is an option to set up an interactive session, it’s only effective if the user account used by Orchestrator is already logged into the machine graphically. This requirement is impractical for fully automating setup procedures. I particularly found this limitation hindering when installing multiple security agents that needed elevated execution privileges.