You can add an AWS data source in vRealize Network Insight Cloud.

Prerequisites

  • Configure the organization firewall for AWS API access. See Firewall Configuration for AWS API Access.
  • Create a standard account policy for the AWS account that you want to add in vRealize Network Insight Cloud. To create a policy, see Create a Standard Account Policy.
  • Create a user in the Standard AWS Account. To create a user in AWS, see Create a User in the Primary AWS Account.
  • If you have configured AWS API access with restricted IPs, you must whitelist the following IP address to allow communication between region specific vRealize Network Insight Cloud and AWS account:
    Region IP address
    AU 3.104.98.208
    CA 3.98.12.139
    DE 3.70.31.146
    JP 35.75.225.94
    US 44.241.36.197
    UK 18.168.184.20
    Note: You can locate a region from the browser URL that you use to access the service. For example, in the URL https://ca.www.mgmt.cloud.vmware.com/ni, ca indicates CA (Canada) region. Similarly in the URL https://us.www.mgmt.cloud.vmware.com/ni, us indicates the US region.

Procedure

  1. Go to Settings > Accounts and Data Sources.
  2. Click Add Source.
  3. Under Public Clouds, select Amazon Web Services.
  4. Select the Collector VM.
  5. Enter your Amazon Access Key ID and corresponding Secret Access Key.
    Note: Your Amazon Access Key ID is a 20-digit string with a corresponding Secret Access Key. For more details, see http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html.
    Note: To add AWS Gov Cloud Region as a data source, create an AWS IAM user by using the recommended policy in the AWS account with access to the Gov Cloud region. Use the Access key and the Secret key for the newly created account to add the data source to vRealize Network Insight Cloud.
    This process takes around 15–20 minutes for adding and displaying your account data.
  6. From the Web Proxy (Optional) drop-down menu, select a web proxy.
    Note: The Web Proxy (Optional) is visible only if you have configured a web proxy in vRealize Network Insight Cloud.
  7. Click Validate.

    If the number of VMs discovered exceeds the capacity of the platform or a collector node or both, the validation fails. You will not be allowed to add a data source until you increase the brick size of the platform or create a cluster.

    The specified capacity for each brick size with and without flows is as follows:
    Brick Size VMs State of Flows
    Large 6k Enabled
    Large 10k Disabled
    Medium 3k Enabled
    Medium 6k Disabled
  8. After you have validated your AWS account, you can select Enable Flow data collection(Highly Recommended) to get deeper insights.
  9. (Optional) In the Nickname text box, enter a nickname.
  10. (Optional) In the Notes text box, add a note if necessary.
  11. Click Submit.