You utilize the compute, storage and network resources of a VMware Cloud on AWS SDDC to recover workloads running on a VMware Cloud Foundation instance in the event of a disaster caused by a ransomware attack.

Recovery SDDC Deployment Model

VMware Cloud Disaster Recovery offers two recovery SDDC deployment models as shown in the following table.

VMware Cloud Disaster Recovery Deployment Model Description
On-Demand You build the recovery SDDC immediately before executing a recovery plan.
Pilot Light You pre-build the recovery SDDC which you can scale up during the recovery process.

For a detailed list of design considerations, see Deployment Models of VMware Cloud Disaster Recovery.

Table 1. Design Decisions on VMware Cloud on AWS for VMware Cloud Disaster Recovery

Decision ID

Design Decision

Design Justification

Design Implication


Deploy a pilot light VMware Cloud on AWS recovery SDDC.

  • Provides the lowest recovery time objective (RTO) due to the recovery SDDC being available instantly.

  • Provides a platform to perform networking configurations required at recovery time.

A minimal footprint VMware Cloud on AWS SDDC is always online.


Deploy a VMware Cloud on AWS recovery SDDC with a minimum of two nodes.

Ensures that the pre-provisioned recovery SDDC remains available. A single node expires after 60 days.

A pre-provisioned recovery SDDC consumes infrastrucutre that incurs a regular charge.


Configure the management gateway to allow access to VMware Cloud on AWS recovery SDDC vCenter Server over the internet.

Ensures that users can access the vCenter Server UI of the recovery SDDC over the internet.

You must manually manage access to the vCenter Server by using an NSX group.