Specify resource and network settings for provisioning machines from this vRealize Automation reservation.

When you create an Amazon reservation or configure a machine component in the blueprint, you can choose from the list of security groups that are available to the specified Amazon account region. Security groups are imported during data collection. A security group acts as a firewall to control access to a machine. Every region includes at least the default security group. Administrators can use the Amazon Web Services Management Console to create additional security groups, configure ports for Microsoft Remote Desktop Protocol or SSH, and set up a virtual private network for an Amazon VPN. For information about creating and using security groups in Amazon Web Services, see Amazon documentation.

For related information about security groups, see Using Amazon Security Groups.

For related information about load balancers, see Using Elastic Load Balancers for Amazon Web Services.


  1. Click the Resouces tab.
  2. Select a compute resource on which to provision machines from the Compute resource drop-down menu.

    Available Amazon regions are listed.

  3. (Optional) Enter a number in the Machine quota text box to set the maximum number of machines that can be provisioned on this reservation.

    Only machines that are powered on are counted towards the quota. Leave blank to make the reservation unlimited.

  4. Select a method of assigning key pairs to compute instances from the Key pair drop-down menu.



    Not Specified

    Controls key pair behavior at the blueprint level rather than the reservation level.

    Auto-Generated per Business Group

    Every machine provisioned in the same business group has the same key pair, including machines provisioned on other reservations when the machine has the same compute resource and business group. Because key pairs generated this way are associated with a business group, the key pairs are deleted when the business group is deleted.

    Auto-Generated per Machine

    Each machine has a unique key pair. This is the most secure method because no key pairs are shared among machines.

    Specific Key Pair

    Every machine provisioned on this reservation has the same key pair. Browse for a key pair to use for this reservation.

  5. If you selected Specific key Pair in the Key pair drop-down menu, select a key pair value from the Specific key pair drop-down menu.
  6. If you are configured for Amazon Virtual Private Cloud, enable the Assign to a subnet in a VPC check mark box. Otherwise, leave the box unchecked.

    If you select Assign to a subnet in a VPC, the following locations or subnets, security groups, and load balancers options appear in a popup menu rather than on this same page.

    For a VPC reservation, specify the security groups and subnets for each VPC that is allowed in the reservation.

  7. Select one or more available locations (non-VPC) or subnets (VPC) from the Locations or Subnets list.

    Select each available location or subnet that you want to be available for provisioning.

  8. Select one or more security groups that can be assigned to a machine during provisioning from the Security groups list.

    Select each security group that can be assigned to a machine during provisioning. Each available region requires at least one specified security group.

  9. Select one or more available load balancers from the Load balancers list.

    If you are using the elastic load balancer feature, select one or more available load balancers that apply to the selected locations or subnets.


You can save the reservation now by clicking Save. Or you can add custom properties to further control reservation specifications. You can also configure email alerts to send notifications when resources allocated to this reservation become low.