Deployment of an SDDC in VMC on AWS has dependencies on the VPC, AWS account, subnets, and Elastic IPs.
AWS VPC Configuration and Availability Requirements
The VPC, subnet, and AWS account you use must meet several requirements:
The subnet must be in an AWS Availability Zone (AZ) where VMware Cloud on AWS is available.
The subnet must exist in the connected AWS account. It cannot be one owned by and shared from another account.
The AWS account being linked must have sufficient capacity to create a minimum of 17 ENIs per SDDC in each region where an SDDC is deployed.
Note: Although you cannot provision more than 16 hosts in a vSphere Cluster, SDDC operations including planned maintenance and Elastic DRS can require temporarily adding as many as 16 more hosts. As such, it is recommended to use an AWS account that has sufficient capacity for 32 ENIs per SDDC.
It is recommended to dedicate a /16 CIDR block to each SDDC and not use that subnet for any other AWS services or EC2 instances.
Any VPC subnets on which AWS services or instances communicate with the SDDC must be associated with the main route table of the connected VPC.
If necessary, you can link multiple SDDCs to a VPC if the VPC subnet used for ENI connectivity has a large enough CIDR block to accommodate them. Because all SDDCs in a VPC use the same main route table, make sure that network segments in those SDDCs do not overlap with each other or the VPC's primary CIDR block. Workload VMs on routed SDDC networks can communicate with all subnets in the VPC's primary CIDR block but are unaware of other CIDR blocks that might exist in the VPC.
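A pre-deployment check for the requirements above, as an added example that is not part of the original documentation: it flags SDDC network segments that overlap the VPC's primary CIDR block or each other, and compares ENI capacity against the 17-minimum and 32-recommended figures. The function name, input shape, and sample CIDRs are constructed for illustration; `eni_capacity` is assumed to be the number of ENIs the linked account can still create in one region.

```python
import ipaddress
from itertools import combinations

MIN_ENIS_PER_SDDC = 17          # minimum stated in the requirements above
RECOMMENDED_ENIS_PER_SDDC = 32  # recommended figure from the note above


def check_linked_sddcs(vpc_primary_cidr, sddc_segments, eni_capacity):
    """Return findings for SDDCs that share one connected VPC.

    sddc_segments: {sddc_name: [segment CIDR, ...]} (hypothetical input shape)
    eni_capacity:  ENIs the linked account can still create in this region (assumed)
    """
    findings = []
    vpc = ipaddress.ip_network(vpc_primary_cidr)
    nets = [(name, ipaddress.ip_network(cidr))
            for name, cidrs in sddc_segments.items() for cidr in cidrs]

    # All linked SDDCs share the VPC's main route table, so no segment may
    # overlap the VPC's primary CIDR block.
    for name, net in nets:
        if net.overlaps(vpc):
            findings.append(f"{name} segment {net} overlaps VPC primary CIDR {vpc}")

    # Segments must not overlap each other, within or across SDDCs.
    for (n1, a), (n2, b) in combinations(nets, 2):
        if a.overlaps(b):
            findings.append(f"{n1} segment {a} overlaps {n2} segment {b}")

    minimum = MIN_ENIS_PER_SDDC * len(sddc_segments)
    recommended = RECOMMENDED_ENIS_PER_SDDC * len(sddc_segments)
    if eni_capacity < minimum:
        findings.append(f"ENI capacity {eni_capacity} is below the minimum {minimum}")
    elif eni_capacity < recommended:
        findings.append(f"ENI capacity {eni_capacity} is below the recommended {recommended}")
    return findings


# Constructed sample input: two SDDCs linked to one VPC.
SAMPLE_VPC = "10.0.0.0/16"
SAMPLE_SEGMENTS = {
    "sddc-a": ["192.168.10.0/24", "10.0.5.0/24"],     # second one collides with the VPC
    "sddc-b": ["192.168.10.128/25", "172.16.0.0/24"],  # first one collides with sddc-a
}

if __name__ == "__main__":
    for finding in check_linked_sddcs(SAMPLE_VPC, SAMPLE_SEGMENTS, eni_capacity=40):
        print(finding)
```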
AWS Elastic IP Requirements
| Usage | Description |
|---|---|
| Management | Provides VMware support with access to your SDDC. |
| Management Gateway (MGW) SNAT | Provides the SNAT address for traffic egressing the MGW to the Internet. |
| Compute Gateway (CGW) SNAT | Provides the default SNAT address for traffic egressing the CGW to the Internet. |
| vCenter Server Public IP | Provides the IP address used for vCenter Server when the vCenter FQDN is set to Public IP. This EIP is always consumed, even if the vCenter Server's FQDN is configured to resolve to a Private IP. |