An organization administrator can create connections among SDDC groups in the organization. These group-to-group connections can span up to three regions and include up to three groups.

An organization that has SDDC groups spread across two or three AWS regions can improve administrative control over routing between workloads in those SDDC groups by peering the groups' VTGWs with each other. The Connectivity between SDDC Groups workflow automates peering of up to three VTGW instances.

When you connect multiple SDDC groups, only networks within the SDDCs themselves are shared across the connection. These networks include the SDDC management CIDR, routed segments attached to the default CGW, and any compute networks advertised to the local SDDC group via route aggregations. External connections (such as DXGW, VPC, and TGW) to an SDDC group are accessible only by members of the group to which they're attached. If SDDCs in connected groups require access to these resources, you must attach them to each group individually.
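The sharing rule above can be checked against an inventory before you connect groups. The following Python is an added example, not VMware code and not a VMC API call: it lists the prefixes each group would receive from its peers and the external connections a group needs but does not have attached. The class names, fields, group names, and CIDRs are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_network

MAX_GROUPS = 3  # a group-to-group connection includes up to three groups


@dataclass
class Sddc:  # hypothetical inventory record
    mgmt_cidr: str
    cgw_routed_segments: list = field(default_factory=list)  # on the default CGW
    aggregated_routes: list = field(default_factory=list)    # route aggregations


@dataclass
class Group:  # hypothetical inventory record
    name: str
    sddcs: list
    external: set = field(default_factory=set)  # attached here, e.g. {"DXGW"}
    needs: set = field(default_factory=set)     # external resources workloads use


def shared_prefixes(group):
    """Prefixes a group shares across a connection: SDDC networks only."""
    nets = set()
    for s in group.sddcs:
        for cidr in [s.mgmt_cidr, *s.cgw_routed_segments, *s.aggregated_routes]:
            nets.add(ip_network(cidr))
    return sorted(nets, key=lambda n: (int(n.network_address), n.prefixlen))


def review_connection(groups):
    """Return (exposure, gaps) for a planned connection among `groups`.

    exposure: prefixes each group receives from its peers.
    gaps: external connections a group needs but must attach itself,
          because they are not shared across the connection.
    """
    if len(groups) > MAX_GROUPS:
        raise ValueError("a connection can include at most three SDDC groups")
    exposure = {
        g.name: [str(n) for p in groups if p is not g for n in shared_prefixes(p)]
        for g in groups
    }
    gaps = {g.name: sorted(g.needs - g.external)
            for g in groups if g.needs - g.external}
    return exposure, gaps


# Constructed inventory; every name and CIDR below is a placeholder.
EAST = Group("east", [Sddc("10.10.0.0/23", ["10.10.16.0/24"], ["10.10.32.0/20"])],
             external={"DXGW"})
WEST = Group("west", [Sddc("10.20.0.0/23", ["10.20.16.0/24"])], needs={"DXGW"})
```

With this inventory, `review_connection([EAST, WEST])` reports that `west` still needs its own DXGW attachment even though `east` has one.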

Note:

Group-to-group connections incur an additional cost, based on AWS TGW attachment pricing, for each region for each connected group. See AWS Transit Gateway pricing for details.

Prerequisites

You must be logged in to the VMC console as a user with a VMC service role of Administrator or Administrator (Delete Restricted).

Procedure

  1. Log in to the VMware Cloud Console at https://vmc.vmware.com.
  2. On the Inventory page, click SDDC Groups.
  3. Click VIEW DETAILS on a group card to open the group Summary page.
    This page includes a Members grid that lists all SDDCs in the group and a Connectivity between SDDC Groups grid that shows existing connections between your SDDC groups.
  4. Click CREATE NEW CONNECTION to connect this SDDC group to another one in your organization.
    The New Connection card shows the name and region of this SDDC group (the Local SDDC Group) and a drop-down control you can use to select a Peer SDDC Group to connect with. When you select a Peer SDDC Group and click CONNECT, the Connectivity between SDDC Groups grid displays the Peer SDDC Group ID with a connection Status of IN PROGRESS, and the VMware Cloud Console displays a status message tracking the VTGW peering operation.
    When the peering operation completes, the connection Status changes to CONNECTED.

What to do next

To remove a peer SDDC group from a group-to-group connection:
  • Click VIEW DETAILS on the group card and open the local group Summary page.
  • Expand the Connectivity between SDDC Groups grid and select the group you want to disconnect.
  • Click REMOVE CONNECTION to remove the TGW peering connection.
When you confirm your choice by clicking REMOVE on the Remove Connection card, the Status of the peer SDDC group in the Connectivity between SDDC Groups grid changes to IN PROGRESS, and the VMware Cloud Console displays a status message tracking the removal of the VTGW peering connection. When the removal is complete, the peer SDDC group no longer appears in the grid.