Afaik, you can only do this via the CLI through a SSH session.
I use the Posh-SSH module to have SSH functionality.
I get the credentials for the VAMI REST API and the VAMI SSH access via the VICredentialStore, which I use as a credentials repository.
$vamiHostName = 'vcsa.mylocal.lab'
$vamiStoreName = 'vami'
$cmd = @'
shell
chage -l root
'@
# Get the VAMI REST API credentials
$vamiSSOStore = Get-VICredentialStoreItem -Host $vamiHostName
$secPswd = ConvertTo-SecureString $vamiSSOStore.Password -AsPlainText -Force
$vamiSSOCred = New-Object System.Management.Automation.PSCredential ($vamiSSOStore.User, $secPswd)
# Get the VAMI SSH credentials
$vamiStore = Get-VICredentialStoreItem -Host $vamiStoreName
$secPswd = ConvertTo-SecureString $vamiStore.Password -AsPlainText -Force
$vamiCred = New-Object System.Management.Automation.PSCredential ($vamiStore.User, $secPswd)
# Check if SSH is enabled
Connect-CisServer -Server $vamiHostName -Credential $vamiSSOCred | Out-Null
$sshService = Get-CisService -Name com.vmware.appliance.access.ssh
$sshEnabled = $sshService.get()
Disconnect-CisServer -Server $vamiHostName -Confirm:$false
# Fetch the password expiration settings
if($sshEnabled){
$session = New-SSHSession -ComputerName $vamiHostName -Credential $vamiCred –AcceptKey
$result = Invoke-SSHCommand -SSHSession $session -Command $cmd
Remove-SSHSession -SSHSession $session | Out-Null
$result.Output
}
else{
Write-Output "SSH is not enabled"
}
The output is something like this