VMware Cloud on AWS is a unified Software-Defined Data Centre (SDDC) platform that integrates vSAN, VMware vSphere, and NSX virtualization technologies.
It is optimized to run on flexible, dedicated, bare-metal Amazon Web Services infrastructure and offers a variety of AWS services, including their functionality, elasticity, and security. vSphere lets administrators operate their virtual machines the same way they run their on-prem architecture and manage cloud resources with familiar VMware tools. vSAN acts as the storage platform, and NSX is used for all networking functionality. The cloud SDDC can function on its own, but most administrators prefer a hybrid cloud. Hybrid, a feature in VMware Cloud on AWS, allows on-prem and cloud vCentre instances to share data while maintaining separate administration platforms. In this article, our primary focus is a pure cloud setup: the configuration of VMware Cloud on AWS.

Components of VMware Cloud on AWS

Software-Defined Data Center (SDDC) consists of:

  • VMware vSphere ESXi, running on elastic bare-metal hosts deployed in AWS
  • VMware vCenter Server Appliance
  • VMware NSX for vSphere to power networking
  • VMware vSAN, which aggregates host-based storage into a shared datastore
Fig 1. Components of VMware Cloud on AWS

Why VMware cloud on AWS?

  • Enterprise-Grade Capabilities – It integrates VMware vSphere, NSX, and storage (vSAN) technologies, optimized to run on next-generation, flexible, bare-metal AWS infrastructure with optimized access to AWS services. It also supports disaster protection and site recovery for workloads.
  • Consistent and Straightforward Operations – With simplified steps, it provides SDDC environments on AWS and allows administrators to use their standard VMware technologies to manage their AWS environment.
  • Flexible – Aligning costs with business needs allows flexible consumption options and investment protection.
  • Delivery as a Service from VMware – VMware is responsible for patching and upgrading the components, provides a single point of contact for support, and supports all VM types.
  • Migration – Eases migration of on-prem vSphere-based workloads to VMware Cloud on AWS. It reduces migration costs and uses VMware tools and skill sets that accelerate cloud migration.
  • Disaster Recovery – Business continuity is delivered efficiently through on-demand recovery, which is available as a service in VMware Cloud on AWS.

Step by Step Configuration of VMware Cloud on AWS

Deploying A Software Defined Data Centre (SDDC)

Deploying an SDDC to host your data center workloads provides a simple control panel with which you can securely manage your applications running on both private and public cloud. VMware Cloud on AWS centralizes your data center and gives you clear visibility into it. When you deploy an SDDC in VMware Cloud on AWS, VMware creates and manages a Virtual Private Cloud.

i. Sign in to VMware Cloud Services using your VMware credentials, then click Next.

Fig 2. VMware Cloud Services Login Page

ii. The console landing page is displayed, as shown below.

Fig 3. VMware Clouds Services Landing Page

iii. Click Open on the VMware Cloud on AWS tab.

Fig 4. VMware Cloud on AWS

iv. The page below is displayed. Select Create SDDC.

Fig 5. Creating an SDDC Page

v. The page below is displayed. As a first step, connect to your AWS account, then click Next.

vi. Select an AWS account from the drop-down: connect to a new AWS account or choose an existing one.

vii. Open the AWS Console and select CloudFormation. A new page is displayed.

viii. Click Create Stack, acknowledge the message, and click Create. Monitor progress from the console.

Fig 6. Connecting to AWS Account

ix. Specify your SDDC properties as shown below (AWS Region, SDDC Name, and number of hosts), then click Next:

Fig 7. SDDC Properties

x. Configure your management network. Define the CIDR range for the management network: enter the IP address range as a CIDR block, then click Deploy SDDC.

Note: If you plan to connect your SDDC to an on-prem data center, the IP address range should be different from the on-prem range to avoid IP conflicts. The maximum number of hosts an SDDC can have depends on the size of the CIDR block you specify.

Fig 8. Configure Network

xi. SDDC Deployment configuration in progress…

Fig 9. SDDC Deployment process

xii. Upon SDDC Deployment completion, the default management page is displayed.

Fig 10. SDDC Default management page

xiii. When you click to view details, the page below is displayed. It is the SDDC default management page:

  • Summary tab: lets you view CPU, memory, and storage information.
  • Network tab: provides a detailed diagram of your network configuration and connections.
  • Info: gives you access to your vSphere web client, vCentre server, and vCentre Server API.
  • Support tab: primarily for support.
Fig 11. Configuration Summary
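
The note in step x, as an added example that is not part of the original article: a Python check that a proposed management CIDR does not collide with ranges already in use and is large enough for the planned host count. The IN_USE ranges are constructed samples, and the prefix-to-host sizing table is an assumption drawn from VMware's published guidance, to be confirmed against current documentation.

```python
import ipaddress

# Assumed sizing table (prefix length -> maximum hosts), taken from VMware's
# published guidance rather than from this article; confirm it before use.
MAX_HOSTS_BY_PREFIX = {23: 27, 20: 251, 16: 4091}

RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: ranges already routed on-prem or used by the AWS VPC.
IN_USE = {
    "on-prem servers": "10.2.0.0/16",
    "on-prem users": "172.20.0.0/14",
    "AWS VPC": "192.168.64.0/20",
}


def check_management_cidr(cidr, in_use, planned_hosts):
    """Return the problems with a proposed management CIDR (empty list = OK)."""
    try:
        net = ipaddress.IPv4Network(cidr)  # strict: rejects host bits
    except ValueError as exc:
        return [f"not a valid IPv4 network: {exc}"]
    problems = []
    if not any(net.subnet_of(r) for r in RFC1918):
        problems.append(f"{net} is not private (RFC 1918) address space")
    cap = MAX_HOSTS_BY_PREFIX.get(net.prefixlen)
    if cap is None:
        problems.append(f"/{net.prefixlen} is not in the assumed sizing table")
    elif planned_hosts > cap:
        problems.append(f"/{net.prefixlen} allows {cap} hosts, {planned_hosts} planned")
    for label, other in in_use.items():
        if net.overlaps(ipaddress.IPv4Network(other)):
            problems.append(f"overlaps {label} ({other})")
    return problems


def first_usable(candidates, in_use, planned_hosts):
    """Pick the first candidate CIDR that passes every check, or None."""
    for cidr in candidates:
        if not check_management_cidr(cidr, in_use, planned_hosts):
            return cidr
    return None


if __name__ == "__main__":
    for cidr in ("10.2.8.0/23", "10.40.0.0/23", "10.40.0.0/20", "10.40.0.5/20"):
        print(cidr, check_management_cidr(cidr, IN_USE, 40) or "OK")
```

Running the check before clicking Deploy SDDC matters because the management CIDR is chosen at deployment time, in the same step that starts the deployment.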

Management Gateway Firewall Rules and DNS

Network optimization is one of the significant benefits of using VMware Cloud on AWS. It enables operational visibility, compliance of workloads, and control of your data center.

SDDC Configuration is not complete without the Network configurations. Network configuration involves:

Fig 12. Network connection Overview

i. Configuring Management Gateway Firewall Rules

By default, the management gateway denies all traffic, inbound and outbound. Configure additional rules to allow traffic as needed. For this article, we shall configure a firewall rule allowing access to vCenter over the internet.

When you click Open vCentre, you receive the prompt below to configure your gateway firewall rule. Access to your vCentre is granted by creating a firewall rule that allows traffic through the management gateway. Click Firewall Rule. Note: You can configure as many firewall rules as you need.

Fig 13. vCentre prompt to configure a firewall rule

You are automatically redirected to the Firewall Rules tab, under Network in the Management Gateway console.

Configure a firewall rule to enable vCentre access at this point, as below:

  • Rule name: enter a name. Action: ensure Allow is selected.
  • Source: this is the public IP of your management gateway, which can be obtained from your network diagram (see the second figure below).
  • Destination: set to vCentre.
  • Service: HTTPS (TCP 443)
  • Ports: 443

Click Save.

Fig 14. Management Gateway Firewall rule

At this point, your firewall rule to enable vCentre access is successfully configured.
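
Because the gateway starts from default deny, every Allow rule is an explicit exposure of vCenter, so the rule set is worth reviewing after each change. The following is an added example, not part of the original article: it evaluates constructed sample rules under default deny and flags Allow rules whose source is wider than a chosen prefix. The dict layout mirrors the form fields above and is a hypothetical export format, not an NSX or VMC API schema.

```python
import ipaddress

# Constructed sample rules; field names mirror the rule form described above.
# The sample holds only Allow rules, so rule order does not affect the result.
RULES = [
    {"name": "vcenter-admin", "action": "Allow", "source": "203.0.113.10/32",
     "destination": "vCenter", "port": 443},
    {"name": "vcenter-temp", "action": "Allow", "source": "Any",
     "destination": "vCenter", "port": 443},
    {"name": "vcenter-office", "action": "Allow", "source": "198.51.100.0/22",
     "destination": "vCenter", "port": 443},
]


def source_network(source):
    """Translate the Source field into a network; 'Any' means every address."""
    if source.strip().lower() == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    return ipaddress.ip_network(source, strict=False)


def is_allowed(rules, client_ip, destination, port):
    """Default deny: traffic passes only if some Allow rule matches it."""
    ip = ipaddress.ip_address(client_ip)
    return any(
        r["action"] == "Allow" and r["destination"] == destination
        and r["port"] == port and ip in source_network(r["source"])
        for r in rules
    )


def review(rules, min_prefix=24):
    """Flag Allow rules exposing vCenter to sources wider than /min_prefix."""
    findings = []
    for r in rules:
        if r["action"] != "Allow" or r["destination"] != "vCenter":
            continue
        net = source_network(r["source"])
        if net.prefixlen < min_prefix:
            findings.append((r["name"], f"source {net} is wider than /{min_prefix}"))
        if r["port"] != 443:
            findings.append((r["name"], f"port {r['port']} is not HTTPS (443)"))
    return findings


if __name__ == "__main__":
    for name, issue in review(RULES):
        print(f"{name}: {issue}")
```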

ii. Configuring management Gateway DNS

1. On the Network Tab
2. Click the arrow next to DNS to Expand
3. Click Edit settings

Fig 15. DNS Configuration

4. Enter your preferred DNS Server 1 and DNS Server 2 settings, as shown for our case, then click Save.

Fig 16. DNS Configuration

This step completes the management Gateway Configuration steps.

Note: VMware Cloud on AWS provides the connectivity information for your vCentre server, the authentication credentials, and the PowerCLI connection information. All of these can be found on the Connection Info tab, as shown below:

Fig 17. Connection Information

Your cloud environment is configured at this point. When you click Open vCentre on the Summary tab, your environment setup on AWS is displayed as below.
The enterprise capabilities of the product are visible as shown, i.e., ESXi, NSX, and storage.

Fig 18. vCentre Overview


The agility to use a private, public, or hybrid environment is the primary driver for adopting cloud environments. VMware Cloud on AWS enables this by providing operational consistency across environments and allowing workloads to be balanced.

The joint VMware and AWS solution provides a rich portfolio that leverages unique technologies from both AWS and VMware, enabling application architectures to be built with minimal latency and network overhead.

Administrators, therefore, can seamlessly perform all the tasks on VMware cloud on AWS just like they do on-prem.