Sorting bits into bytes...

vSAN Policy in vROps (vSAN2vROps) Script

## Introduction

Managing and monitoring virtual environments in VMware vSphere can be a challenging task for VMware administrators. One of the critical aspects of maintaining these environments is managing Storage Policy-Based Management (SPBM) in VMware vSAN. As configurations change over time, it becomes essential to track these changes to ensure consistent performance and efficiency.

In this blog, we will introduce the `vSAN2vROps` script, developed by Kabir Ali, a valuable tool for VMware administrators using vSAN and vRealize Operations (vROps). This script enables administrators to keep track of changes made to vSAN Storage Policies and update them in vROps, ensuring alignment between the two systems.

## What is vSAN2vROps?

The `vSAN2vROps` script is a PowerShell-based utility designed to synchronize vSAN Storage Policies with vRealize Operations (vROps). It allows VMware administrators to detect any discrepancies between the vSAN Storage Policies configured in the vCenter Server and those present in vROps. By keeping these policies in sync, administrators can have a clearer view of their storage configurations and proactively address any inconsistencies.

## Key Features

1. **Automatic Policy Tracking**: The script scans the vCenter Server for virtual machines and their associated vSAN Storage Policies, comparing them with the information stored in vROps. This automated process ensures real-time visibility into any policy changes.

2. **vROps API Integration**: The script leverages the vROps API to fetch information about VMs and their corresponding vSAN Storage Policies. The API integration enhances the accuracy and efficiency of data retrieval.

3. **Timestamped Metrics**: The script adds timestamps to the vSAN Storage Policy metrics in vROps, enabling historical tracking of changes and facilitating troubleshooting.

4. **Ease of Use**: VMware administrators can run the script via PowerShell with straightforward parameters, making it accessible to both experienced and novice users.

## Script Usage

To use the `vSAN2vROps` script, simply run it from PowerShell and provide the following mandatory parameters:

– **vCenter**: The address of the vCenter Server.
– **vCenter_User**: The vCenter Server username.
– **vCenter_Pass**: The vCenter Server password.
– **vROpsServer**: The address of the vROps Server.
– **vROps_User**: The vROps username.
– **vROps_Pass**: The vROps password.

## Why Every VMware Admin Should Use vSAN2vROps

As a VMware administrator, you might wonder why the `vSAN2vROps` script is a valuable addition to your toolset. Here are some compelling reasons:

1. **Policy Consistency**: Maintaining consistent vSAN Storage Policies across vCenter and vROps is crucial for optimal performance and resource allocation. The script automates this process, minimizing the risk of manual errors.

2. **Real-time Tracking**: With the script’s ability to update vROps with timestamped metrics, administrators can track policy changes as they happen, ensuring transparency and accountability.

3. **Proactive Troubleshooting**: Identifying and rectifying policy discrepancies promptly can prevent potential performance issues and improve the overall health of the virtual environment.

4. **Simplified Auditing**: The timestamped metrics generated by the script facilitate auditing processes, making it easier to comply with security and governance requirements.

5. **Efficient Resource Allocation**: Accurate policy tracking allows administrators to make informed decisions about resource allocation based on the specific requirements of VMs.

## Script Development and Version Updates

Kabir Ali is the author of the `vSAN2vROps` script, demonstrating the commitment to enhancing the VMware administrator’s experience. The script’s first version (0.1) was released on May 24, 2023.

## Conclusion

The `vSAN2vROps` script is a powerful utility that brings a higher level of efficiency and control to VMware administrators responsible for managing vSAN Storage Policies. By automating the synchronization between vCenter and vROps, the script empowers administrators to maintain a consistent storage policy landscape, optimize resource allocation, and proactively address potential issues.

To benefit from the enhanced visibility and efficiency offered by `vSAN2vROps`, download and integrate it into your VMware vSphere environment today.

*Disclaimer: Always test new scripts in a non-production environment before deploying them to your production systems.*

Thank you for reading, and feel free to reach out to Kabir Ali at for feedback or further inquiries.


Author: Kabir Ali -
Scriptname: vSAN Policy in vROps (vSAN2vROps)
Version: 1.0 (Tested)
Date: May 24 2023
Why: Because there is a need to track changes made to the SPBM

Version updates:
1.0 - May/24/2023 - First release

.\vSAN2vROps.ps1 -vCenter "vCenter@local.domain" -vCenter_User "administrator@vsphere.local" -vCenter_Pass "VMware123!" -vROpsServer "vrops01@local.domain" -vROps_User "admin" -vROps_Pass "VMware1!"

Param (
    [Parameter(Mandatory = $true)][string]$vCenter,
    [Parameter(Mandatory = $true)][string]$vCenter_User,
    [Parameter(Mandatory = $true)][string]$vCenter_Pass,
    [Parameter(Mandatory = $true)][string]$vROpsServer,
    [Parameter(Mandatory = $true)][string]$vROps_User,
    [Parameter(Mandatory = $true)][string]$vROps_Pass

# Functions are required
function ConvertTo-UnixTimestamp {
    $epoch = Get-Date -Year 1970 -Month 1 -Day 1 -Hour 0 -Minute 0 -Second 0    
     $input | % {        
        $milliSeconds = [math]::truncate($_.ToUniversalTime().Subtract($epoch).TotalMilliSeconds)
        Write-Output $milliSeconds
function Get-TimeStamp {
    return "[{0:MM/dd/yy} {0:HH:mm:ss}]" -f (Get-Date)

# Function to find the VM ID based on VM name
function Get-VMID ($Current_VM) {
    $VMNameURI = $vROpsURL+"resources?resourceKind=virtualmachine&name="+$Current_VM
    $VM_ID_vROps = (Invoke-RestMethod -Method GET -Uri $VMNameURI -Headers $vROpsSessionHeader -ContentType $Type).resourceList.identifier
    if ($VM_ID_vROps.Count -ne 1) {
        $resourceState = (Invoke-RestMethod -Method GET -Uri $VMNameURI -Headers $vROpsSessionHeader -ContentType $Type).resourceList
        $VM_ID_vROps = ($resourceState | where {$_.resourceHealth -ne "GREY"}).identifier | Select-Object -First 1
    return $VM_ID_vROps

# Function to get vSAN metric of VM
function Get-VP-Metric ($VM_ID, $VM_vDisk) {
    $VM_ID_URI = $vROpsURL+"resources/properties?resourceId="+$VM_ID
    $Metric_output = ((Invoke-RestMethod -Method GET -Uri $VM_ID_URI -ContentType $Type -Headers $vROpsSessionHeader) | where {$_ -like "*vSAN|vSAN Policy|$VM_vDisk*"}).value
    return $Metric_output

# Function to update vROps
function Update-Metric ($VM_ID, $VM_vDisk, $vSAN_Policy) {
    $EpochTimeNow = (Get-Date | ConvertTo-UnixTimestamp)
    $jsonbody = '
            "property-content": [{
                "statKey": "vSAN|vSAN Policy|'+$VM_vDisk+'",
                "timestamps": ['+$EpochTimeNow+'],
                "values": ["'+$vSAN_Policy+'"]
    $Update_vROps_URI = $vROpsURL+"resources/"+$VM_ID+"/properties"
    Invoke-RestMethod -Method POST -Body $jsonbody -Uri $Update_vROps_URI -TimeoutSec 100 -Headers $vROpsSessionHeader -ContentType $Type | out-null

# Connect vCenter
try {
    Connect-VIServer -Server $vCenter -User $vCenter_User -Password $vCenter_Pass  -ErrorAction Stop

Catch {
    Write-Warning -Message "Error: Failed to connect to the vCenter: $($vCenter). Stopping script."

# Building vROps API string & invoking REST API
$vROpsURL = "https://" + $vROpsServer + "/suite-api/api/"
$vROpsAuthURL = "https://" + $vROpsServer + "/suite-api/api/auth/token/acquire"
$Type = "application/json"
# Creating JSON for Auth Body
$AuthJSON =
  ""username"": ""$vROps_User"",
  ""password"": ""$vROps_Pass""
# Authenticating with API
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Try {
    $vROpsSessionResponse = Invoke-RestMethod -Method POST -Uri $vROpsAuthURL -Body $AuthJSON -ContentType $Type
Catch {
    $error[0] | Format-List -Force
    Write-Output "Error: Failed to connect to the vROps: $($vROpsServer). Stopping script."
# Extracting the session ID from the response
$vROpsSessionHeader = @{"Authorization"="vRealizeOpsToken "+$vROpsSessionResponse.'auth-token'.token

# Get VMs from vCenter
$VMs = get-vm -Server $vCenter

# Loop VM list
[array]$VM_Disks = @()
foreach ($VM_Name in $VMs) {
    # Get polciy of every vDisk of the VM
    foreach ($disks in (Get-SpbmEntityConfiguration -HardDisk (Get-HardDisk -VM $VM_name))) {
        $VM_Disks += New-Object PSObject -Property @{
            "Hard Disk" = $
            "Storage Policy" = $disks.StoragePolicy
            "VM Name" = $

# Loop VM list
foreach ($VM in $VM_Disks) {
    # Generate output
    Write-Output "Working on VM: $($VM.'VM Name') and disk: $($VM.'Hard Disk')"
    # Use function to get the ID from vROps for the current VM
    $VM_ID = Get-VMID -Current_VM $VM.'VM Name'
    # Current vSAN policy of the VM
    $vSAN_Policy = $VM.'Storage Policy'.Name
    # Get vDisk of VM
    $VM_vDisk = $VM.'Hard Disk'
    # Use function to lookup vSAN Policy in vROps of the current VM
    $Current_Policy = Get-VP-Metric -VM_ID $VM_ID -VM_vDisk $VM_vDisk
    # Update vROps if the vSAN Policy found in vCenter does not match vROps vSAN Policy
    if ($Current_Policy -eq $vSAN_Policy) {
    else {
        write-output "Updating metric in vROps for VM: $($VM.'VM Name')"
        Update-Metric -VM_ID $VM_ID -VM_vDisk $VM_vDisk -vSAN_Policy $vSAN_Policy

# Release vROps token
Write-Output "All done. Releasing vROps API token and disconnecting vCenter."
Invoke-RestMethod -Method POST -Uri https://$vROpsServer/suite-api/api/auth/token/release -Headers $vROpsSessionHeader -ContentType $Type

# Disconnect vCenter
Disconnect-VIServer -Server * -Confirm:$false


Leave a Reply