You might have one or more AWS accounts with VPCs and workload VMs that you want to bring under NSX-T Data Center management.

  • You can use the Transit/Compute VPC topology where you deploy the PCG in one VPC, making it the Transit VPC, and link other VPCs to it, which are called Compute VPCs.
  • NSX Cloud provides a shell script that you can run from the AWS CLI of your AWS account to create the IAM profile and role, and create a trust relationship for Transit and Compute VPCs.
  • The following scenarios are supported:
    • Scenario 1: You want to use a single AWS account with NSX Cloud.
    • Scenario 2: You want to use multiple sub-accounts in AWS that are managed by a master AWS account.
    • Scenario 3: You want to use multiple AWS accounts with NSX Cloud.

Here is an outline of the process:

  1. Use the NSX Cloud shell script, which requires the AWS CLI, to do the following:
    • Create an IAM profile.
    • Create a role for PCG.
    • (Optional) Create a trust relationship between the AWS account hosting the Transit VPC and the AWS account hosting the Compute VPC.
  2. Add the AWS account in CSM.
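
After the trust relationship between the Transit and Compute accounts exists, it is worth confirming that the role's trust policy admits only the accounts you intended. The following is an added example, not part of the NSX Cloud script or documentation: it audits a standard IAM trust policy document against an allow-list of account IDs. The account IDs, the role name `example-pcg-role`, and the sample policy are constructed placeholders, and the assumption is that the trusting role lists the other account as an `AWS` principal.

```python
import json

# Constructed sample trust policy; account IDs and role name are placeholders,
# not values produced by the NSX Cloud script.
SAMPLE_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111111111111:role/example-pcg-role"},
         "Action": "sts:AssumeRole"},
        {"Effect": "Allow",
         "Principal": {"AWS": ["arn:aws:iam::999999999999:root", "*"]},
         "Action": "sts:AssumeRole"},
    ],
})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def principal_account(principal):
    """Return the 12-digit account ID of an AWS principal, or None."""
    if principal.isdigit() and len(principal) == 12:
        return principal  # bare account ID form
    parts = principal.split(":")
    if len(parts) >= 6 and parts[0] == "arn" and parts[2] == "iam":
        return parts[4] or None
    return None

def audit_trust_policy(policy_json, allowed_accounts):
    """List (statement index, principal, reason) for unexpected AWS principals."""
    findings = []
    for i, stmt in enumerate(_as_list(json.loads(policy_json)["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if not any(a in ("sts:assumerole", "sts:*", "*") for a in actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # shorthand for "anyone"
            principal = {"AWS": "*"}
        # Only AWS principals are checked; Service/Federated are out of scope.
        for p in _as_list(principal.get("AWS", [])):
            if p == "*":
                findings.append((i, p, "wildcard principal"))
            elif principal_account(p) not in allowed_accounts:
                findings.append((i, p, "account not in allow-list"))
    return findings
```

The policy document for a real role can be fetched with `aws iam get-role --role-name <role> --query Role.AssumeRolePolicyDocument` and passed to `audit_trust_policy` as a JSON string.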