Summary Prerequisites and limitations Architecture Tools Epics Related resources

Deploy a VMware SDDC on AWS by using VMware Cloud on AWS

Created by Deepak Kumar (AWS) and Derek Cox (AWS)

Environment: Production	Technologies: Hybrid cloud; Infrastructure	Workload: All other workloads
AWS services: Amazon VPC

Summary

Notice: As of April 30, 2024, VMware Cloud on AWS is no longer resold by AWS or its channel partners. The service will continue to be available through Broadcom. We encourage you to reach out to your AWS representative for details.

This pattern describes how to create a VMware-based Software-Defined Data Center (SDDC) that’s hosted in the Amazon Web Services (AWS) Cloud. You can deploy an SDDC to migrate your VMware vSphere-based workloads to the AWS Cloud and take advantage of AWS services while you use your existing VMware tools and skills. You can use this SDDC to run your production applications across VMware vSphere-based private, public, and hybrid cloud environments, with optimized access to AWS services. For example, you can use the SDDC as a secondary site for disaster recovery or to extend your data center to different geographical locations.

VMware Cloud on AWS is a pay-as-you-go (on-demand) service that enables enterprises of all sizes to run workloads across VMware vSphere-based cloud environments by using a wide range of AWS services. You can start with a minimum of 2 hosts per SDDC cluster and scale up to 16 hosts per cluster in your production environment. For more information, see the VMware Cloud on AWS website. To learn more about SDDCs, see About Software-Defined Data Centers in the VMware documentation.

Prerequisites and limitations

Prerequisites

Sign up for a MyVMware account and fill out all fields.
Sign up for an AWS account. For instructions, see the AWS Knowledge Center.
Sign up for an MyVMware Cloud on AWS account. An activation link is sent to the email address you specify when you sign up.

Limitations

See VMware Cloud on AWS configuration limits pages on the VMware website.

Product versions

See VMware Cloud on AWS Release Notes in the VMware documentation.

Architecture

Target technology stack

The following diagram shows the VMware software stack, including vSphere, vCenter, vSAN, and NSX-T, running on AWS bare-metal dedicated infrastructure. You can manage your VMware-based resources and tools on AWS with seamless integration with other AWS services such as Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), Amazon Redshift, AWS Direct Connect, Amazon Relational Database Service (Amazon RDS), and Amazon DynamoDB.

VMware software stack running on AWS bare-metal dedicated infrastructure

The basic entity of VMware Cloud on AWS is an SDDC, which includes the following components:

Compute: The compute component is the lowest layer of the VMware Cloud on AWS SDDC. VMware Cloud on AWS runs on Amazon EC2 bare metal instance types. These include i3.metal, i3en.metal, and i4i.metal, and provide direct access to physical resources such as processors and memory.
Important: The i3.metal instance type for VMware Cloud on AWS, including on-demand and subscription options of one-year and three-year terms, is set to reach its end of life and end of support on December 31, 2026. Additionally, new customers are currently not able to request i3.metal instances. For more information, see the announcement on the VMware Cloud Blog.
Storage: SDDC clusters support VMware vSAN with an all-flash configuration for storage using non-volatile memory express (NVMe) flash storage, which provides fast and high-performance storage. Starting with SDDC version 1.20, VMware Cloud on AWS offers support for two types of external storage: Amazon FSx for NetApp ONTAP and VMware Cloud Flex Storage.
Networking: Networking capabilities and policies are managed by using VMware NSX-T in the SDDC cluster. Multi-tier virtual networks are created in the SDDC cluster to separate network resources from physical equipment. This enables VMware Cloud on AWS users to create logical, software-defined networks.

Tools

VMware Cloud on AWS is an integrated cloud offering jointly developed by AWS and VMware.

Epics

Task	Description	Skills required
Sign in to your AWS account.	Sign in to your AWS account with credentials that have administrator permissions.	Cloud administrator
Create a new VPC.	In this step, you define a virtual private cloud (VPC) that links to the SDDC. If you already have a VPC you want to use for the SDDC, skip this step. Choose the AWS Region to deploy your VMware Cloud on AWS SDDC. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/. In the navigation pane, choose Your VPCs. Choose Create VPC. Specify VPC settings such as the VPC name tag, IPv4 CIDR block, Tenancy (keep as Default), and then choose Create VPC. When the VPC has been created, choose Close. For more information, see Create and configure your VPC in the AWS documentation.	Cloud administrator
Create a private subnet.	You will now create a private subnet for the elastic network interface (ENI) for each Availability Zone. We recommend that you use a subnet without an internet gateway attached. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/. In the navigation pane, choose Subnets. Choose Create Subnet. On the Create Subnet page, choose the VPC that you created earlier. Complete the settings for the subnet, including a subnet name, Availability Zone, and IPv4 CIDR block. Choose Create Subnet. Repeat these steps to create subnets for each Availability Zone in the Region.	Cloud administrator

Task

Description

Skills required

Cloud administrator

Create a new VPC.

In this step, you define a virtual private cloud (VPC) that links to the SDDC. If you already have a VPC you want to use for the SDDC, skip this step.

Choose the AWS Region to deploy your VMware Cloud on AWS SDDC.
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
In the navigation pane, choose Your VPCs.
Choose Create VPC.
Specify VPC settings such as the VPC name tag, IPv4 CIDR block, Tenancy (keep as Default), and then choose Create VPC.
When the VPC has been created, choose Close.

For more information, see Create and configure your VPC in the AWS documentation.

Cloud administrator

Create a private subnet.

You will now create a private subnet for the elastic network interface (ENI) for each Availability Zone. We recommend that you use a subnet without an internet gateway attached.

Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
In the navigation pane, choose Subnets.
Choose Create Subnet.
On the Create Subnet page, choose the VPC that you created earlier.
Complete the settings for the subnet, including a subnet name, Availability Zone, and IPv4 CIDR block.
Choose Create Subnet.

Repeat these steps to create subnets for each Availability Zone in the Region.

Cloud administrator

Task	Description	Skills required
Activate the service.	When you sign up for a MyVMware account, VMware sends you a welcome email and activation link to the email address you specified. Open the Activate Service link from the welcome email in your browser. Log in with MyVMware credentials. Review and accept the terms and conditions for the use of services. Complete the account activation process. You will be redirected to the VMware Cloud on AWS console. (Note: VMware Cloud on AWS accounts are based on an organization, which represents a group or line of business subscribed to the account. This organization has no relationship to AWS Organizations.) On the Select or Create Organization page, create an organization that is linked to the MyVMware account. Enter the Organization Name and Address for logical distinction. Select Create Organization to complete the process. For more information about this process, see SDDC Deployment and Best Practices Guide on AWS in the AWS documentation.	Cloud administrator
Assign IAM roles.	When the organization has been created, assign privileged access to specific users to access the Cloud Services and SDDC console, SDDC, and NSX components. For instructions, see Assign a VMC Service Role to an Organization Member in the VMware documentation. There are two types of organization roles: Organization owners can add, remove, and modify users and access all cloud resources. Organization members can access cloud resources only.	Cloud administrator

Task

Description

Skills required

Activate the service.

When you sign up for a MyVMware account, VMware sends you a welcome email and activation link to the email address you specified.

Open the Activate Service link from the welcome email in your browser.
Log in with MyVMware credentials.
Review and accept the terms and conditions for the use of services.
Complete the account activation process. You will be redirected to the VMware Cloud on AWS console. (Note: VMware Cloud on AWS accounts are based on an organization, which represents a group or line of business subscribed to the account. This organization has no relationship to AWS Organizations.)
On the Select or Create Organization page, create an organization that is linked to the MyVMware account.
Enter the Organization Name and Address for logical distinction.
Select Create Organization to complete the process.

For more information about this process, see SDDC Deployment and Best Practices Guide on AWS in the AWS documentation.

Cloud administrator

Assign IAM roles.

When the organization has been created, assign privileged access to specific users to access the Cloud Services and SDDC console, SDDC, and NSX components. For instructions, see Assign a VMC Service Role to an Organization Member in the VMware documentation.

There are two types of organization roles:

Organization owners can add, remove, and modify users and access all cloud resources.
Organization members can access cloud resources only.

Cloud administrator

Task	Description	Skills required
Deploy an SDDC in your VMware Cloud on AWS account.	Important: After an AWS account has been associated with a VMware Organization as the seller of record, the AWS account number cannot be updated. There can be only one AWS seller of record per VMware Organization. To deploy an SDDC: Log in to the VMC console at https://vmc.vmware.com. Choose VMware Cloud on AWS Service from the available services. Choose Create SDDC. Enter SDDC properties such as AWS Region, Deployment (Single Host, Multi-Host, or Stretched Cluster), Host Type, SDDC Name, Number of Hosts, Host Capacity, and Total Capacity, and then choose Next. Connect to your AWS account, and then choose Next. Select your previously configured VPC and subnet, and then choose Next. Enter the management subnet CIDR block for the SDDC, and then choose NEXT. For more information, see Selecting IP Subnets and Connectivity for your SDDC on the VMware Cloud Blog. Select the two check boxes to acknowledge that you take responsibility for the costs for deploying an SDDC, and then choose Deploy SDDC. You’ll be charged when you choose Deploy SDDC. You won’t be able to pause or cancel the deployment process, which takes some time to complete. For more information about creating an SDDC, see Deploy an SDDC from the VMC Console in the VMware documentation.	Cloud administrator, Cloud architect

Task

Description

Skills required

Deploy an SDDC in your VMware Cloud on AWS account.

Important: After an AWS account has been associated with a VMware Organization as the seller of record, the AWS account number cannot be updated. There can be only one AWS seller of record per VMware Organization.

To deploy an SDDC:

Log in to the VMC console at https://vmc.vmware.com.
Choose VMware Cloud on AWS Service from the available services.
Choose Create SDDC.
Enter SDDC properties such as AWS Region, Deployment (Single Host, Multi-Host, or Stretched Cluster), Host Type, SDDC Name, Number of Hosts, Host Capacity, and Total Capacity, and then choose Next.
Connect to your AWS account, and then choose Next.
Select your previously configured VPC and subnet, and then choose Next.
Enter the management subnet CIDR block for the SDDC, and then choose NEXT. For more information, see Selecting IP Subnets and Connectivity for your SDDC on the VMware Cloud Blog.
Select the two check boxes to acknowledge that you take responsibility for the costs for deploying an SDDC, and then choose Deploy SDDC.

You’ll be charged when you choose Deploy SDDC. You won’t be able to pause or cancel the deployment process, which takes some time to complete.

For more information about creating an SDDC, see Deploy an SDDC from the VMC Console in the VMware documentation.

Cloud administrator, Cloud architect

Related resources

Deploying and Managing a Software-Defined Data Center (VMware documentation)
VMware Cloud on AWS features (AWS website)
Accelerate Cloud Migration and Modernization with VMware Cloud on AWS (video)

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Configure vRealize Automation to provision VMs on VMware Cloud on AWS

Integrate VMware vRealize Network Insight with VMware Cloud on AWS