The recently added Elasticity tab (available on all SDDCs starting from version 1.18) simplifies managing Elastic DRS configuration, enhances visibility into Elastic DRS settings, and enables the creation of custom Elastic DRS policies. There will be more on the Elastic DRS later in this chapter.

Integrated Services tab

The Integrated Services tab (previously called the Add-On tab) lists the available services and provides a way to activate service deployment. Currently available add-ons are shown in Figure 5.2.

Note

Some services (such as VMware HCX) are available free of charge, and some (such as NSX Advanced Firewall) require separate subscriptions. The list of services included with a VMware Cloud on AWS subscription is constantly changing. Please check the VMware documentation for the latest updates.

Figure 5.2 – VMware Cloud on AWS Integrated Services

Maintenance tab

VMware manages the life cycle of your SDDC, including security patches, version updates, and other service activities. The Maintenance tab improves visibility into service operations and allows customers to request a maintenance operation or postpone a planned upgrade. Check this tab regularly to ensure that you are prepared for upcoming maintenance in your SDDC.

Troubleshooting tab

The Troubleshooting tab provides access to a set of automatic networking tests, helping customers establish hybrid-linked mode (HLM) and check connectivity with on-premises management services such as Active Directory, DNS, and vCenter. It is recommended to run these tests on hybrid cloud deployments after establishing connectivity with the on-premises vSphere environment using a VPN or AWS Direct Connect.

Settings tab

The Settings tab allows access to different SDDC advanced configuration settings, including SDDC appliance size, vCenter information, FQDN resolution, default vCenter user credentials, PowerCLI connection endpoint, and NSX information, to list a few. Note the changed location for some settings compared to the previous version of SDDC.

The SDDC appliance size can be upgraded from Medium to Large for SDDCs with more than four hosts, which is a prerequisite for the multi-edge feature that is used to improve the network throughput of NSX Edge.

Figure 5.3 – VMware Cloud on AWS configuration Settings tab

Compliance Hardening

VMware Cloud on AWS supports several regulatory compliance attestations, including Payment Card Industry Data Security Standard (PCI DSS). Some of the compliance certifications (such as PCI DCC) have a special set of requirements, both on the Organization and the SDDC level. While VMware performs Organization-level hardening upon request (with a prerequisite of a new Organization without an SDDC), customers are responsible for the SDDC configuration. Depending on the compliance requirement, you may be required to disable access to Network & Security Tab Access, HCX Service, Site Recovery Service v8.4 compatibility (versions earlier than 8.5), and Federated Login Feature. You can disable them in the Compliance Hardening section of the Settings tab.

Figure 5.4 – Configuring Compliance Hardening for a VMware Cloud on AWS SDDC

Note

To re-enable the service, you may need to file a support request.

Support tab

The Support tab provides access to the SDDC unique identifiers and other information (IP addresses, currently logged-in user, and so on) required for VMware support to help resolve issues in your SDDC.