Create roles with appropriate permissions in your public cloud account to add the account into CSM.
Overview
For each public cloud account that you want to bring under the control of NSX, you have the option of creating appropriate roles with appropriate permissions. NSX Cloud provides scripts that you can use to generate these roles.
If you want to restrict public clouds that can be added into CSM, run the following CSM API:
PUT /api/v1/csm/desired-clouds Example Request: PUT https://<nsx-csm>/api/v1/csm/desired-clouds { "cloud_types": [ { "cloud_type": "aws" "enabled": true, } { "cloud_type": "azure", "enabled": true, } { "cloud_type": "aws-gov-us-east" "enabled": false, } { "cloud_type": "aws-gov-us-west", "enabled": false, } { "cloud_type": "azure-gov-us", "enabled": false, } ] }
See the latest version of the NSX API Guide at https://code.vmware.com/ for API details.