You can configure network isolation for a VMware Cloud on AWS deployment by specifying on-demand network settings in a network profile.
You can specify an isolated network by using a security group or by using on-demand network settings. In this example, you configure network isolation by specifying on-demand network settings in the network profile. Later, you access the network in a cloud template and use the cloud template in a VMware Cloud on AWS deployment.
Unless otherwise indicated, the step values that you enter in this procedure are for this example workflow only.
- Complete the workflow described in Configure a basic VMware Cloud on AWS workflow in VMware Aria Automation.
- Review Configure an isolated network in VMware Cloud on AWS workflow in VMware Aria Automation.
- This procedure assumes that you have the required administrator credentials, including VMware Cloud on AWS CloudAdmin credentials for the target SDDC in vCenter. See Credentials required for working with cloud accounts in VMware Aria Automation.
- This procedure assumes that you have the cloud administrator user role. See What are the VMware Aria Automation user roles.
- Open the network profile that you used in the basic VMware Cloud on AWS workflow, for example vmc-network1. See Configure network and storage profiles for VMware Cloud on AWS deployments in VMware Aria Automation.
- You do not need to make any selections on the Networks tab.
- Click the Network Policies tab.
- Select the Create an on-demand network option and select the default cgw network domain. Specify an appropriate CIDR and subnet size.
- Click Save.
When you use this network profile, machines are deployed to a network in the default network domain. The network is isolated from other networks by using private or outbound network access.
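A cloud template that would consume this network profile might look like the following. This is an added example, not taken from the original procedure; the input name, the image and flavor mapping names, and the constraint tag are assumptions that you replace with values from your own environment.

```yaml
formatVersion: 1
inputs:
  isolation:
    type: string
    title: Network access
    description: private = no inbound or outbound access, outbound = one-way egress only
    enum:
      - private
      - outbound
    default: private
resources:
  Cloud_NSX_Network_1:
    type: Cloud.NSX.Network
    properties:
      # Requests an on-demand network. The CIDR and subnet size come from the
      # Network Policies tab of the matching network profile, not from the template.
      networkType: '${input.isolation}'
      constraints:
        # Hypothetical capability tag, assumed to be set on the vmc-network1 profile
        # so that this network is placed by that profile and no other.
        - tag: 'net:vmc-isolated'
  Cloud_vSphere_Machine_1:
    type: Cloud.vSphere.Machine
    properties:
      image: ubuntu   # assumed image mapping name
      flavor: small   # assumed flavor mapping name
      networks:
        # Attach the machine only to the on-demand network, so it has no
        # interface on an existing, shared segment.
        - network: '${resource.Cloud_NSX_Network_1.id}'
```

After deployment, confirm that the machine's only network interface is on the newly created on-demand segment and that the segment's address range falls inside the CIDR you entered in the profile.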