Compute inventory groups categorize compute VMs using criteria such as names, IP addresses, and tags.

Because compute inventory groups are made up of the compute VMs you deploy on your compute network segments. VMware Cloud on AWS GovCloud cannot create them for you. You'll need to create them yourself before you can develop compute gateway firewall rules.

Procedure

  1. Log in to the VMware Cloud on AWS GovCloud at https://www.vmc-us-gov.vmware.com/.
  2. On the Networking & Security tab, click Inventory > Groups.
  3. On the Groups card, click COMPUTE GROUPS, then click ADD GROUP and give the group a Name and an optional Description.
    To modify an existing group, select it and click the ellipsis button at the beginning of the group row.
  4. Click Set Members to open the Select Members page.
    Management groups contain VMs on the Management Network. Management group members must be specified by IP address. Compute groups contain VMs or network objects such as segments in the Compute network. There are several ways to designate membership in a compute group.
    Option Description
    Membership Criteria Click ADD CRITERIA and use the drop-down controls to specify one or more criteria in the form of
    Object Type, Property, Condition, Value
    tuples. For example,a group with these criteria:
    Virtual Machine Name Contains db_
    includes VMs whose names contain the string db_ in the group. You can also create groups of tagged network segments, segment ports, or IP sets by specifying a tag, or
    Segment Tag Equals testbeds
    to include network segments that have the tag testbeds.

    Objects that match all of the selected criteria are included in the group.

    Members Select a membership category from the Select Category drop-down list, then select members from the list.
    IP/MAC address Enter an IP address, MAC addresses, CIDR block, or a range of IP addresses in the form ip-ip (for example 192.168.1.1-192.168.1.100) .
  5. (Optional) Tag the group.

    See Add Tags to an Object in the NSX-T Data Center Administration Guide for more information about tagging NSX-T objects.

  6. Click SAVE to create the group.

What to do next

To review group members, select a group and click View Members to review the list of group members to view group members and membership criteria. Click Where Used to see a list of firewall rules that include the group.