This blog post will show how you can continue with your VMware Cloud on AWS (VMC) testing. If you haven’t got a VMC SDDC set up, please read part 1 of the VMC blog series, which will walk through how to set up a test/lab single host VMC SDDC cluster.

We start off with our newly created single host SDDC:

  • Click View Details or the name of the SDDC to get to the details page, and then click Network (screenshot below). Now you can see a complete diagram of the networks, including the connections to the internet and your on-prem environment. Note the following:
  1. By default, no network traffic at all is allowed to your Management network, neither from the internet or from your on-prem environment.
  2. From your on-prem, you can/should set up VPN tunnels for accessing the management components (vCenter, NSX Mgr etc.) of the VMC SDDC as well as the compute networks (where your future VMs will reside).
  3. From the Compute networks, you can make direct connections to AWS instances/services in your VPC, through the Compute Gateway.
  4. Behind the Compute Gateway, you create your Logical Networks to place your VMs on. This is equivalent to your VLANs and Port Groups if you’re running a traditional vSphere networking environment without NSX. Since VMC uses NSX, all Logical Networks are created using NSX, but the admin interface looks very similar to a traditional vSphere environment, which we will see as we start creating VMs later on.

The first thing we want to do is allow ourselves to access our vCenter Server web interface. In this lab setup we won’t be setting up a VPN, so instead, we’ll do a quick-and-dirty firewall opening allowing our external IP address to access the vCenter Server:

  • Open a web browser and go to (or any similar service) – Make a note of your IP address being displayed (masked in the screenshot below).

  • Now return to your VMC web console, Networking view, click the Actions drop-down between ‘Internet’ and ‘Management Gateway’ and click Add firewall rule

  • Create an Allow firewall rule from your external IP address (that you previously noted) to the vCenter Server on port 443. Click Save.

  • Scroll back up and click the button Open vCenter at the far right hand side.

VMC will assist you by displaying the username and password for a default vCenter administrative account. Click the copy icon on the right hand side of the password field so that it gets copied to your clipboard.

When you click Open vCenter here, you will automatically get a new browser tab with the URL, username and password filled in. Unfortunately, the password won’t match (perhaps due to security constraints?), so overwrite it by pasting the password that you just copied.

After you complete the login, you will see the familiar vCenter Server UI (see screenshot below). Note the following:

  • In the navigation tree to the left, you will see that you have one vCenter Server, one cluster, one ESXi host (since this is a single-host trial) and two resource pools
  • The resource pool named Compute-ResourcePool is where your VMs will go. Here you have almost full Administrator privileges.
  • The resource pool named Mgmt-ResourcePool is where your management VMs (vCenter Server, NSX Manager etc.) are located. Here you have very limited administrative privileges. If you for example right-click on the resource pool, the option to create new VMs is greyed out. This is because the VMs in here are not managed by you (the customer), but instead by VMware.
  • There is a ‘Getting Started’ button in the top row which will take you to a guide that helps you getting started with Hybrid Linked Mode, Storage Policies etc.
  • There is a support button in the lower right that will open a direct chat with the VMware VMC support, which is very cool.


In the next part of this blog series, we will start creating some VMs and connect them to the network(s). Stay tuned!