Use VMware Cloud on AWS Networking & Security inventory to create groups of VMs and network services that you can use when you create firewall rules.

Firewall rules typically apply to a group of VMs that have certain common characteristics including:
  • names that follow a naming convention (like Win* for Windows VMs or Photon* for Photon VMs)
  • IP addresses within a specific range or CIDR block
  • tags
They can also apply to network services, which are distinguished by characteristics like service type and network protocol. The VMware Cloud on AWS Networking & Security Inventory feature simplifies the process of creating groups of VMs that have similar needs for firewall protection. It also allows you to add new network services to the built-in list of services, so that you can include those services in firewall rules.

VMware Cloud on AWS creates management groups and a service inventory in all new SDDCs. It also maintains a list of your workload VMs and their tags. You can add or modify your own inventory groups of management or compute VMs.