Showing posts from March, 2019

Use PowerCLI to set your SDDC Firewall rules

Gilles Chekroun
Lead VMware Cloud on AWS Specialist
---

One thing I really like about VMware is the team spirit of that company. People are always here to help you, sharing their experiences and knowledge. We have our EPIC2 values and one guy in particular stands out for Passion and Community. It's William Lam. He is well known in our community for his "virtuallyGhetto" blog and the 1000+ posts he wrote over many subjects and technologies. Recently, I asked him what API I should use to retrieve the VMC SDDC Public IP address and he replied to me with a blog post!! Amazing.

William wrote many PowerShell modules and in particular the ones for NSX-T and VMC. Download and import the VMware.VMC.NSXT and VMware.VMC PowerShell modules. We will need them later.

This article will describe how to automate tasks after SDDC deployment like creating logical segments, setting up Firewall rules on MGW (the Management Gateway) and most importantly on CGW (the Compute G

Deploy VMware Cloud on AWS Route Based VPN with API

Gilles Chekroun
Lead VMware Cloud on AWS Specialist
---

Following my articles on AWS Transit Gateway here and here, I found it quite complex to set up the VPN connection and the 2 tunnels from TGW VPN attachment to VMC route based VPN using the GUI.

AWS VPN Naming and VMC VPN relationship

When creating the AWS TGW VPN attachment, AWS gives the possibility to "download configuration file".

AWS - VMC relationship:

Once this is clear, it's time to map these parameters to our API calls.

Five API calls

For properly setting a Route Based VPN to AWS TGW we need 5 API calls:

1. Get the NSX-T Proxy URL
2. Get the SDDC Public IP
3. Set Local AS Number
4. Set BGP Neighbour ID
5. Set VPN Tunnels

Before we can do any API calls into VMC we need a few parameters like "Refresh-Token", "Org-ID", "SDDC-ID". Refer to my earlier post here on how to get them.

Get NSX-T Proxy URL

This API call will get "Org-ID, SDDC-ID and Session-T