In this step, you create a VMware Cloud on AWS cloud account in vRealize Automation.

For related information, see VMware Cloud on AWS documentation.

Unless otherwise indicated, the step values that you enter in this procedure are for this example workflow only.

Prerequisites

Procedure

  1. Select Infrastructure > Connections > Cloud Accounts.
  2. Click Add Cloud Account, select VMware Cloud on AWS, and enter values.

    Sample values and supporting information are provided in the following table.

    Setting Sample Value and Instruction Description
    VMC API Token
    1. Click the i help icon at the end of the VMC API token line and click API Tokens page in the help text box to open the API Tokens tab on your organization's My Account page.
    2. Click Generate Token to display the Generate a New API Token options.
    3. Enter a new token name, for example myinitials_mytoken.
    4. Set the Token TTL to never expire.

      If you create a token that is set to expire, then the VMware Cloud on AWS operations from vRealize Automation will stop working when the token expires and continue to not work until you update the cloud account with a new token.

    5. In the Define Scopes section, select All Roles.

    6. Click Generate.
    7. In the generated token page, click Copy and click Continue.
    8. Return to the New Cloud Account page, paste the copied token into the VMC API token row, and click Apply API token.

      Paste the copied API token and click Apply API token.

    You can create a new token or use an existing token for your organization on the linked API Tokens page.

    In the Define Scopes section, the minimum required roles for the API token are:
    • Organizational Roles
      • Organization Member
      • Organization Owner
    • Service Roles - VMware Cloud on AWS
      • Administrator
      • NSX Cloud Administrator
      • NSX Cloud Auditor
    Note: Copy, download, or print the generated token. Once you leave this page you cannot retrieve the generated token.

    Apply the generated or supplied token to connect to the available SDDC environment in your organization's VMware Cloud on AWS subscription and populate the list of SDDC names.

    If the vRealize Automation and VMware Cloud on AWS services are in different organizations, you should switch to the VMware Cloud on AWS organization and then generate the token.

    For more information about API tokens, see Generate API Tokens.

    SDDC name

    For this example, select Datacenter:Datacenter-abz.

    The valid SDDC name auto-populates the vCenter and NSX-T FQDN entries. If a cloud proxy was already deployed to the SDDC, the cloud proxy value also auto-populates.

    Select from the list of available SDDCs from your VMware Cloud on AWS subscription. The list of SDDCs is based on the VMware Cloud on AWS API token.

    NSX-V SDDCs are not supported with vRealize Automation and do not appear in the list of available SDDCs.

    vCenter IP address/FQDN

    The address auto-populates based on your SDDC selection.

    Enter the IP address or FQDN of the vCenter Server in the specified SDDC.

    The IP address defaults to the private IP address. Based on the type of network connectivity used to access your SDDC, the default address might be different than the IP address of the NSX Manager Server in the specified SDDC.

    NSX Manager IP address/FQDN

    The address auto-populates based on your SDDC selection.

    Specifies the IP address or FQDN of the NSX Manager in the specified SDDC.

    The IP address defaults to the private IP address. Based on the type of network connectivity used to access your SDDC, the default address might be different than the IP address of the NSX Manager Server in the specified SDDC.

    VMware Cloud on AWS cloud accounts support NSX-T.

    vCenter user name and password

    The user name auto-populates as cloudadmin@vmc.local.

    Enter your vCenter user name for the specified SDDC if it's different than the default.

    The specified user requires CloudAdmin credentials. The user does not require CloudGlobalAdmin credentials.

    Enter the user password.

    Validate

    Click Validate.

    If you receive an Error updating endpoint <Name>: Endpoint already exists, a cloud account has already been associated to that SDDC.

    Validate confirms your access rights to the specified vCenter and checks that the vCenter is running.

    Name and Description

    Enter OurCo-VMC for the cloud account name.

    Enter Sample deployment for VMC for the cloud account description.

    Allow provisioning to these data centers

    This information is read-only.

    Lists available data centers in your specified VMware Cloud on AWS SDDC environment.

    Create a cloud zone

    De-select the check-box. For this example, you will create a cloud zone later in the workflow.

    See Learn more about vRealize Automation Cloud Assembly cloud zones.

    Capability tags

    Leave this empty. This workflow does not use capability tags.

    Use tags according to your organization's tag strategy. See How do I use tags to manage vRealize Automation Cloud Assembly resources and deployments and Creating a tagging strategy.

    As with VMs deployed to vSphere, you can configure machine tags for a VM to be deployed on VMware Cloud on AWS. You can also update the machine tag after initial deployment. These machine tags allow vRealize Automation to dynamically assign a VM to an appropriate NSX-T security group during deployment. For related information, see Using a security group resource in a vRealize Automation cloud template.

  3. Click Add.

Results

Resources such as machines and volumes are data-collected from the VMware Cloud on AWS SDDC data center and listed in the Resources section of the vRealize Automation Infrastructure tab.

What to do next

Create a cloud zone for VMware Cloud on AWS deployments in vRealize Automation.