NSX Advanced Load Balancer integrates with Amazon Web Services (AWS) for providing IPAM services to applications running on instances in AWS.

If the NSX Advanced Load Balancer cloud type is AWS, there is support for IPAM by default, without the need for a separate IPAM configuration. A separate IPAM configuration (as described below) is required only for cases where AWS provides the infrastructure service for other clouds. For instance, Mesos Cluster running on AWS instances.

AWS IPAM is supported only for North-South IPAM Provider.

Configuring IPAM

  1. To use AWS as the IPAM provider, one of the following types of credentials is required:

  2. Identity and Access Management (IAM) roles: Set of policies that define access to resources within AWS. If using the IAM role method to define access for an NSX Advanced Load Balancer installation in AWS, Select AWS IPAM as type and Use IAM Roles to set up the IAM roles before beginning deployment of the Controller EC2 instance.

  3. AWS Customer Account Key: Unique authentication key associated with the AWS account. If Using Access Key, select AWS and select Use Access Keys, and enter the following information:

    1. Access Key ID: AWS customer key ID.

    2. Secret Access Key: customer key.

    3. Select the AWS region into which the VIPs will be deployed.

    4. Select Access AWS through Proxy if access to AWS endpoints requires a proxy server.

    5. Select Use Cross-Account AssumeRole if the AWS credentials or role is being leveraged to access across accounts. For more information, see AWS User Cross-Account AssumeRole section in VMware NSX Advanced Load BalancerAdministration guide.

    6. Click Next.

  4. A drop-down menu of available VPCs in that region is displayed.

    1. Select the appropriate VPC.

    2. A drop-down menu of availability zones (AZ) in that region and a corresponding list of networks in each AZ are displayed. For multi-AZ virtual service applications, configure at least one network from each AZ for IPAM.

    3. Click Save.