You can access an S3 bucket in your connected AWS account by creating an S3 endpoint.

Procedure

  1. Create an S3 endpoint.
    1. Log in to your AWS account.
    2. Click VPC and then click Endpoints.
    3. Click Create Endpoint.
    4. In the VPC drop down, select the VPC that is connected to your VMware Cloud™ on AWS account.
    5. In the Service drop down, select the S3 service.
    6. Click Next Step.
    7. Select the route table for the subnet you selected when you deployed your SDDC.
    8. Click Create Endpoint.
  2. Configure the security group for your connected Amazon VPC to allow traffic to the logical network associated with the VM in your SDDC.
    1. Select VPC.
    2. Click Security Groups
    3. Click your connected Amazon VPC's security group and click the Inbound tab.
    4. Click Edit.
    5. Click Add Rule.
    6. In the Type dropdown menu, select HTTPS.
    7. In the Source text box, enter the CIDR block for the logical network that the VMs in your SDDC are attached to.
    8. Repeat steps 2f through 2h for each logical network that you want to be able to connect to.
    9. Click Save.
  3. Create a compute gateway firewall rule to allow https access to the connected Amazon VPC.
    1. Log in to the VMC Console at https://vmc.vmware.com.
    2. View Details
    3. Network
    4. Add a compute gateway firewall rule with the following parameters.

      Option

      Description

      Source

      The CIDR block for the logical network that the VM in your SDDC is connected to.

      Destination

      Select All Linked AWS VPC.

      Service

      Select HTTPS.

Results

VMs in your SDDC can now access files on the S3 bucket using their https paths.