For VMware Cloud on AWS protected SDDCs, you can leverage VMware Transit Connect™ to provide high-bandwidth, low-latency connections between your protected SDDCs and VMware Live Cyber Recovery.

Note: VMware Transit Connect is designed for protected SDDCs, and only applies to VMware Cloud on AWS customers. If you are a non- VMware Cloud on AWS customer and want to protect an on-premised vSphere, you can use AWS Direct Connect for dedicated private connections between your site and VMware Live Cyber Recovery.
The first step in using VMware Transit Connect is to set up a private connection CIDR block.
Note: VMware Transit Connect uses the AWS Transit Gateway (TGW) construct. It provides high bandwidth and low latency connectivity between SDDCs in an SDDC Group within a single AWS Region. Using the gateway incurs charges when you use it, per-hour and per-GB of data processed, per-gateway. For more information, see AWS Transit Gateway pricing.

Create an SDDC Group for Protected SDDC

After you set the CIDR block for the connection, log in to VMware Cloud and create an SDDC group. When you create an SDDC group, a VMware Managed Transit Gateway is also created that provides organized management of network connections between SDDC groups and other entities.

The VMware Managed Transit Gateway provides an organized management of network connections between SDDC groups and other entities. A VMware Managed Transit Gateway is an AWS resource owned and managed by VMware.
Note: Creating and operating of a VMware Managed Transit Gateway incurs additional charges on your VMware Cloud on AWS bill. For more information, see AWS Transit Gateway pricing.
Adding the first member to an SDDC Group creates a VMware Managed Transit Gateway and assigns it to the group. After you create the SDDC group (with the protected SDDC added), you can configure the private connection between the SDDC and VMware Live Cyber Recovery.
Note: You can also add the SDDC to an existing SDDC group, if the group is in the same Organization.
After you set up a private connection CIDR block and create an SDDC group, you can configure VMware Transit Connect to use for your protected SDDCs by connecting SDDC groups containing protected SDDCs.
Note: VMware Transit Connect will only function if SDDC compute CIDRs are non-overlapping. This restriction only applies to the compute segments where the Cyber Recovery connector will be deployed). Other segments can overlap.
  1. Log in to the VMC Console at https://vmc.vmware.com.
  2. On your organization landing page, from the VMware Cloud tile click Launch Service.
  3. Click Inventory from the left navigation.
  4. On the protected SDDC, select the SDDC Groups tab.
  5. Click Create Group.
  6. Give the group a Name and optional Description, then click Next.
  7. On the Membership grid, select the protected SDDC you want to use for a private connection with VMware Managed Transit Gateway. To qualify for membership in the group, the protected SDDC must meet several criteria:
    • It must be at SDDC version 1.11 or later.
    • Its management network CIDR block cannot overlap the management CIDR block of any other group member.
    • It cannot be a member of another SDDC group.
  8. When you have finished selecting members, click Next.
  9. Acknowledge that you understand and take responsibility for the costs you incur when you create an SDDC group, then click Create Group to create the SDDC Group and its VMware Transit Connect network.

    You cannot pause or cancel the process after it starts. Group members won't be able to use the group's VMware Transit Connect network until deployment is complete. Deployment typically takes about fifteen minutes. When deployment is complete, the group's Connectivity Status changes from PENDING to CONNECTED.

Configure a Private Connection with VMware Transit Connect

To configure the private connection with VMware Transit Connect, perform these steps:
  1. From the left navigation, select Settings and then click Private Network Connection.
  2. In the Private network connection dialog box, under Transit Connect SDDC groups, click Connect next to the SDDC groups (with protected SDDCs) that you want to use the Transit Connect private connection.

    Private connnection dialog box showing Transit Connect Gateway.

  3. In the Connect SDDC group dialog box, you can see the SDDCs in the group
  4. After the group and SDDCs are connected, the Connection to VMware Live Cyber Recovery column shows the group's connection status as Available. Click Close.