vSphere in a cloud software-defined data center like your VMware Cloud on AWS SDDC works in the same way that your on-premises vSphere does. In the SDDC, some vSphere components are owned and managed by VMware, so some on-premises administrative workflows that you're familiar with have differences or aren't needed.
What's Different in the Cloud?
- VMware Cloud on AWS users don't have physical access to ESXi host hardware and cannot log in to the ESXi host operating system. Procedures that require this kind of access are performed by VMware staff.
- Global Permissions defined in your on-premises vCenter Server do not apply to objects that VMware manages for you, like SDDC hosts and datastores, so they aren't replicated from your on-premises to the vCenter Server in your cloud SDDC.
|vSphere Managed Inventory Objects||Each VMware Cloud on AWS SDDC has a single data center named SDDC-Datacenter. The data center defines the namespace for networks and datastores. The names for these objects must be unique within a data center. You cannot have two datastores with the same name within a single data center. Virtual machines, templates, and clusters need not be unique within the data center, but must be unique within their folder.|
|VMware Cloud on AWS users don't have physical access to access ESXi host hardware and cannot log in to the ESXi host operating system. Procedures that require this kind of access are performed by VMware staff.|
|Securing vCenter Server Systems||In an on-premises SDDC, you are responsible for ensuring the security of your vCenter Server system. In VMware Cloud on AWS, VMware performs most of these tasks for you. You are responsible for following security best practices, especially for the VMs in your environment, and might want to be aware of some other aspects of vCenter Server and vCenter Single Sign-On such as password and lockout policies.|
|vSphere Authentication with vCenter Single Sign-On||
When you change the password for your SDDC from the vSphere Client, the new password is not synchronized with the password that is displayed on the Default vCenter Credentials page. That page shows only the Default credentials. If you change the credentials, you are responsible for keeping track of the new password. Contact Technical Support and request a password change.
After installation, firstname.lastname@example.org has administrator access to both vCenter Single Sign-On and vCenter Server. That user can also add identity sources, set the default identity source, and set policies in the vmc.local domain. Certain management operations in the vmc.local domain are restricted to VMware Cloud on AWS operations staff.