You integrate supported SDDC components with the Workspace ONE Access cluster to enable authentication through the identity and access management services.

After the integration, information security and access control configurations for the integrated SDDC products can be configured.

Table 1. Workspace ONE Access SDDC Integration

SDDC Component

Integration

Considerations

vCenter Server

Not Supported

For directory services you must connect vCenter Server directly to Active Directory. See Identity and Access Management for VMware Cloud Foundation.

SDDC Manager

Not Supported

SDDC Manager uses vCenter Single Sign-On. For directory services, you must connect vCenter Server directly to Active Directory

NSX-T Data Center

Supported

If you intend to scale out to an environment multiple VMware Cloud Foundation instance, for example, for disaster recovery, you must deploy an additional standalone instance of Workspace ONE Access in each VMware Cloud Foundation instance. The clustered instance might fail over between physical locations which will impact the authentication to NSX-T Data Center in the first VMware Cloud Foundation instance. See Identity and Access Management for VMware Cloud Foundation.

vRealize Suite Lifecycle Manager

Supported

None.

See VMware Cloud Foundation Validated Solutions for the design for specific vRealize Suite components including identity management.

Table 2. Design Decisions on Integrations for Workspace ONE Access

Decision ID

Design Decision

Design Justification

Design Implication

VCF-VRS-WSA-SEC-001

Configure the Workspace ONE Access instance as the authentication provider for each supported SDDC component.

Enables authentication through Workspace ONE Access identity and access management services for vRealize Suite solutions that require mobility across VMware Cloud Foundation instances.

Required for vRealize Automation authentication.

The Workspace ONE Access cluster must be online and operational before you can authenticate to vRealize Automation.