The following native-cloud services are supported for use with your public cloud workload VMs from within NSX Manager.
When you deploy PCG, a Group is created in NSX Manager for each supported native-cloud service.
The following Groups are created for the currently supported public cloud services:
- aws-dynamo-db-service-endpoint
- aws-elb-service-endpoint
- aws-rds-service-endpoint
- aws-s3-service-endpoint
- azure-cosmos-db-service-endpoint
- azure-load-balancer-service-endpoint
- azure-sql-service-endpoint
- azure-storage-service-endpoint
To use these native-cloud services, create DFW policies that contain the native-cloud service Group in the Source or Destination fields of the rule as required.
DFW rules are enforced on VMs not on the native-cloud services.
Note: In the
NSX Enforced Mode, that is, managing your workloads with
NSX Tools, currently there is no support for Microsoft Azure's native-cloud services.
Current Limitations
ENDPOINT | DFW Rule with service as DESTINATION | DFW Rule with service as SOURCE | ||||
---|---|---|---|---|---|---|
Public Cloud | Service | Scope | Enforced on VM? | Enforced on Service? | Enforced on Service? | Enforced on VM? |
Microsoft Azure | BLOB Storage | Global | Yes | No | No | Yes |
Cosmos DB | ||||||
SQL | ||||||
Load Balancer | ||||||
AWS | S3 | VPC Local | Yes | No | No | Yes |
Dynamo DB | ||||||
RDS | ||||||
ELB |