6.2
Table Of Contents
- IaaS Configuration for Cloud Platforms
- Contents
- IaaS Configuration for Cloud Platforms
- Configuring IaaS
- Configuring IaaS for Cloud Checklist
- Custom Properties in Machine Provisioning, Blueprints, and Build Profiles
- Bringing Resources Under vRealize Automation Management
- Configure Machine Prefixes
- Create a Business Group
- Managing Key Pairs
- Cloud Reservations
- Optional Configurations
- Preparing for Provisioning
- Choosing a Cloud Provisioning Scenario
- Preparing for Amazon Provisioning
- Preparing for OpenStack Provisioning
- Preparing for Virtual Machine Image Provisioning
- Preparing for Linux Kickstart Provisioning
- Preparing for WIM Provisioning
- Creating a Cloud Blueprint
- Configuring Advanced Blueprint Settings
- Managing Cloud Infrastructure
- Monitoring Workflows and Viewing Logs
- Machine Life Cycle and Workflow States for Cloud Platforms
The vRealize Automation access rights that you need to perform tasks such as creating endpoints,
reservations, and blueprints, and requesting machine provisioning are described for the applicable
vRealize Automation tasks in this guide. However, you must also be configured in Amazon Web Services
(AWS) to perform related endpoint tasks.
n
Role and Permission Authorization in Amazon Web Services
The Power User role in AWS provides an AWS Directory Service user or group with full access to
AWS services and resources.
You do not need any AWS credentials to create an AWS endpoint in vRealize Automation. However,
the AWS user who creates an Amazon machine image is expected by vRealize Automation to have
the Power User role.
n
Authentication Credentials in Amazon Web Services
The AWS Power User role does not allow management of AWS Identity and Access Management
(IAM) users and groups. For management of IAM users and groups, you must be configured with
AWS Full Access Administrator credentials.
vRealize Automation requires access keys for endpoint credentials and does not support user names
and passwords. To obtain the access key needed to create the Amazon endpoint, the Power User
must either request a key from a user who has AWS Full Access Administrator credentials or be
additionally configured with the AWS Full Access Administrator policy.
For information about enabling policies and roles, see the AWS Identity and Access Management (IAM)
section of Amazon Web Services product documentation.
Understanding Amazon Machine Images
A tenant administrator or business group manager selects an Amazon machine image from a list of
available images when creating Amazon EC2 blueprints.
An Amazon machine image is a template that contains a software configuration, including an operating
system. They are managed by Amazon Web Services accounts. vRealize Automation manages the
instance types that are available for provisioning.
The Amazon machine image and instance type must be available in an Amazon region. Not all instance
types are available in all regions.
You can select an Amazon machine image provided by Amazon Web Services, a user community, or the
AWS Marketplace site. You can also create and optionally share your own Amazon machine images. A
single Amazon machine image can be used to launch one or many instances.
The following considerations apply to Amazon machine images in the Amazon Web Services accounts
from which you will provision cloud machines:
n
Each cloud blueprint must specify an Amazon machine image.
An Amazon machine image can be enabled for some locations in region. A private Amazon machine
image is available to a specific account and all its regions. A public Amazon machine image is
available to all accounts, but only to a specific region in each account.
IaaS Configuration for Cloud Platforms
VMware, Inc. 48