You can create a VMware Cloud on AWS cloud account in vRealize Automation based on a source VMware Cloud on AWS SDDC.

For general information about VMware Cloud on AWS, see VMware Cloud on AWS documentation.

Prerequisites

Procedure

  1. Select Infrastructure > Connections > Cloud Accounts.
  2. Click Add Cloud Account and select the VMware Cloud on AWS tile.
  3. As prompted, enter a name and description for the cloud account.
  4. For the API token setting, create a new token or use an existing token for your organization by using the linked API Tokens page as described below.

    Note: Copy, download, or print the token that is generated by this workflow. After you leave the API token page you cannot retrieve the generated token information.

    1. Click the i help icon at the end of the VMC API token line and click API Tokens page in the help text box to open the API Tokens tab on your organization's My Account page.
    2. Click Generate Token to display the Generate a New API Token options.
    3. Enter a new token name, for example myinitials_mytoken.
    4. Set the Token TTL to never expire.

      If you create a token that is set to expire, then the VMware Cloud on AWS operations from vRealize Automation will stop working when the token expires and continue to not work until you update the cloud account with a new token.

    5. In the Define Scopes section, select All Roles.
    6. Click Generate.
    7. In the generated token page, click Copy and click Continue.
    8. Return to the New Cloud Account page, paste the copied token into the VMC API token row, and click Apply API token.

      Paste the copied API token and click Apply API token.

    In the Define Scopes section, the minimum required roles for the API token are:
    • Organizational Roles
      • Organization Member
      • Organization Owner
    • Service Roles - VMware Cloud on AWS
      • Administrator
      • NSX Cloud Administrator
      • NSX Cloud Auditor

    Apply the generated or supplied token to connect to the available SDDC environment in your organization's VMware Cloud on AWS subscription and populate the list of SDDC names. If the vRealize Automation and VMware Cloud on AWS services are in different organizations, you should switch to the VMware Cloud on AWS organization and then generate the token. For more information about API tokens, see Generate API Tokens.

  5. Click Apply API token to apply the API token and display the SDDC name option.
  6. In the SDDC name drop-down menu, select an SDDC from the list of available SDDCs. The list of available SDDCs is derived from your VMware Cloud on AWS subscription.

    The selected SDDC name auto-populates the vCenter and NSX FQDN entries.

  7. In the vCenter Server IP address/FQDN drop-down menu, enter the IP address or FQDN of the vCenter Server in the specified SDDC.

    The address auto-populates based on your SDDC selection. It defaults to the private IP address. Based on the type of network connectivity used to access your SDDC, the default address might be different than the IP address of the vCenter Server in the specified SDDC.

  8. In the NSX Manager IP address/ FQDN drop-down menu, enter the IP address or FQDN of the NSX-T Manager in the specified SDDC.

    The address auto-populates based on your SDDC selection. It defaults to the private IP address. Based on the type of network connectivity used to access your SDDC, the default address might be different than the IP address of the NSX Manager Server in the specified SDDC. VMware Cloud on AWS cloud accounts support NSX.

    If you are creating a vRealize Automation on AWS GovCloud (US) cloud account in a vRealize Automation environment, do not use the default NSX Manager IP address/ FQDN setting. Instead, you must specify the NSX-T Manager IP address that is identified in the vRealize Automation on AWS GovCloud (US) SDDC.

  9. As prompted, enter your vCenter user name and password for the specified SDDC if it's different than the default.

    The specified user requires CloudAdmin credentials. The user does not require CloudGlobalAdmin credentials.

    The data centers that are available for provisioning in your specified VMware Cloud on AWS SDDC environment are listed. The list is read-only.

  10. Click Validate.

    The Validate option confirms your access rights to the vCenter server and NSX-T Manager and checks that the specified vCenter is running.

    If you receive an Error updating endpoint <Name>: Endpoint already exists, a cloud account has already been associated to that SDDC.

  11. In the Configuration section of the page, specify the SDDC data center that you wish to provision to and optionally create a new cloud zone for provisioning within that data center.
  12. In the Capabilities section of the page, optionally specify capability tags for the cloud account.
    Use tags according to your organization's tag strategy. See How do I use tags to manage Cloud Assembly resources and deployments and Creating a tagging strategy.
  13. Lastly, click Add to create the cloud account.

Results

Resources such as machines and volumes are data-collected from the VMware Cloud on AWS SDDC data center and listed in the Resources section of the vRealize Automation Infrastructure tab.

What to do next

Create a cloud zone for VMware Cloud on AWS deployments in vRealize Automation.