Start modernizing applications with minimal disruption to your business. Run, monitor, and manage containers and virtual machines on the same platform using familiar vCenter tools and centralized platform operations. Modernize apps using fully managed VMware Tanzu services and provision Kubernetes clusters within minutes from the VMware Cloud console. Enrich existing applications with AWS PaaS services, and automate the underlying infrastructure operations with DevOps tools.
Accelerate cloud migrations of vSphere workloads from months or years to weeks or days with familiar, consistent infrastructure that eliminates the rework tax needed to re-architect applications. Reduce the complexity, cost and risk of cloud migrations compared to alternatives that require time and scarce skills. Once in the cloud, use VMware and AWS services to modernize your apps at your pace.
Easily extend your on-premises data center to AWS for quick access to additional capacity, on-demand scaling of apps, flexible development and test environments, or rapid regional expansion. Move your vSphere workloads without changing IP addresses into a VMware-consistent, enterprise-grade environment in the AWS Cloud quickly and cost-effectively, and manage it through your vCenter console.
Adopt a robust, feature-rich cloud platform for virtual desktops and applications that can be used to deliver complete VDI infrastructure from the cloud. Or you can extend an existing on-premises VDI environment for desktop bursting, protection or proximity to applications running in AWS. Optimize infrastructure costs with flexible, consumption-based billing while paying only for what you use.
Simplify disaster protection with VMware Cloud Disaster Recovery and VMware Site Recovery, on-demand disaster recovery as a service (DRaaS) optimized for VMware Cloud on AWS. Accelerate time-to-protection, simplify disaster recovery operations and reduce secondary site costs with cloud economics, while providing a secondary site that is operationally consistent with your VMware data center.
VMware Cloud on AWS is an investment in a platform that leaves us well prepared for whatever the future may hold. Times to market are shorter, scalability is enhanced, and ultimately the total cost can be reduced. Security and governance are likewise ramped up, downtime is reduced, and the integrity of applications is preserved.
With the VMware Cloud on AWS-based hybrid cloud infrastructure, we have been able to simplify administrative tasks; automate manual processes; scale up on-demand; and improve our business agility. This deployment has helped us to stay at the cutting edge of technology for years to come. Our infrastructure is now future-proof.
VMware Tanzu Standard simplifies operation of Kubernetes for multi-cloud deployment, centralizing management and governance for many clusters and teams across on-premises, public clouds, and edge
Solution provider of modern managed services for data center infrastructure, cloud & DevOps, cybersecurity, service management & operations, and more.
Starting out? Use this low cost option to jump start your hybrid cloud experience
For non-production use only
Designed for production enterprise environments
Good for general purpose clusters. Provides good balance between compute and storage capabilities for most typical workload types.
This capability is optimized for data-intensive workloads requiring high random I/O access such as relational databases and workloads that require end to end security.
|Cores / host|
|Memory / host (GiB)|
List Price / host
Savings vs. On-Demand
List Price / host
Savings vs. On-Demand
|On-Demand (hourly) Pay for physical hosts by the hour. Billed in arrears.|
|1-year Subscription Pay for the physical hosts upfront or monthly.|
|3-year Subscription Pay for the physical hosts upfront or monthly.|
What is the difference between on-demand and subscription pricing? On-Demand Pricing
On-Demand consumption allows you to pay for physical hosts by the hour. There are no upfront costs and you have the flexibility to scale the number of hosts up or down without long-term commitments. You only pay for each hour that the host is active in your account. If you choose the on-demand option, you will be billed at the end of the month in arrears.
Subscription PricingPrepay longer-term subscription of hosts gives you up to 50% cost saving compared to on-demand hosts consumed over the equivalent period. Host subscriptions are available in 1-year or 3-year terms. If you choose a 1-year or 3-year subscription option, you can choose to prepay upfront or pay monthly.
Additional charges not included Data Transfer charges:
• Data transfer IN to VMware Cloud on AWS from internet: $0.00/GB
• Data transfer IN to VMware Cloud on AWS from another region: $0.00/GB
• Data transfer IN/OUT/BETWEEN same Availability Zone: $0.00/GB
• Data transfer IN/OUT/BETWEEN different Availability Zones or using elastic IP or ELB: $0.00/GB (no charge for stretch clusters data transfer)
• Data transfer OUT from VMware Cloud on AWS to the internet: $0.05/GB
• Data transfer OUT from VMware Cloud on AWS to another AWS region: $0.02/GB
IP address charges:
• Elastic IP address associated with a running instance: $0.005/IP/hour
• Elastic IP address not associated with a running instance: $0.005/IP/hour
• Elastic IP address remap: $0.1/IP Note: These charges are for US West (Oregon) region only. For other regions, please check here.
• VMW has introduced a new policy for EIP charges where you will be charged only for the IPs unattached to a running instance. This means additional cost savings that we pass on to you for these charges.
VMware Transit Connect Pricing:
• Price per VMware Transit Connect attachment: $0.05
• Price per GB of data processed by VMware Transit Connect: $0.02
How to understand our roadmap:
Available - Feature now available for use by applicable customers. May not be available in all AWS regions.
Preview - Feature released in preview to gather feedback. May not be available to all applicable customers or in all AWS regions.
Developing - Feature in active development and testing.
Planned - Feature under consideration or planned for future development.
The information in this website is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation that items in ‘Preview’, ‘Developing’, and ‘Planned’, will become ‘Available’ and is subject to change at VMware’s sole discretion. The information on this website should not be relied upon in making purchasing decisions.
With VMware Carbon Black Workload support for VMware Cloud on AWS, customers can protect the workloads including VMs, containers, and apps running on VMware Cloud on AWS
The seed checkpoint feature provides recoverable migration progress with checkpoint seed data. With this capability, users have the option to retain replica disks at the target datastore if a migration is failed or canceled. Seed checkpoints enable VMware HCX to reuse the disks on the target for seeding replication data, avoiding the need to transfer all the data again.
Maximize your investment in VMware Cloud on AWS by using an existing SDDC created from VMware Cloud console, for recovery with VMware Cloud DR. Clusters and hosts added to VMware Cloud DR from VMware Cloud console are automatically recognized by VMware Cloud DR.
With enterprise federation, enterprises can use their corporate identities and credentials and link their VMware ID (My VMware) accounts to both log in to VMware Cloud Services and manage access to services/organizations/features within VMware Cloud services. With the new enhancement, customers will get self-service experience to setup enterprise federation so that any customer can setup federation without the need of engagement with VMware.
Get additional payment flexibility with a new option to pay for 1-year or 3-year committed term subscriptions in monthly installment rather than paying for it all upfront.
Achieve faster failover times and failback sooner by recovering your virtual machines directly onthe Scale Out Cloud File System and skipping the storage migration to VMware Cloud on AWS.The virtual machine storage continues to be served from the cloud filesystem.
Use AWS Direct Connect with public virtual interfaces (Public VIF) to carry replication, failback,and management traffic between your on-premises protected site and VMware Cloud Disaster Recovery over a high-bandwidth, low-latency network connection.
Expand your DR strategy to include protection of your virtual machines running in VMware Cloud on AWS in addition to those running in your on-premises data center. Confidently migrate your most critical virtual machines to VMware Cloud on AWS with the knowledge that they can be easily protected to another AWS Availability Zone in the same region using VMware Cloud Disaster Recovery.
Replication performance has been optimized such that replication throughput is up to 3X higher when using high bandwidth and low latency connectivity between the protected and recovery sites. This capability requires at least vSphere 7.0 Update 2 and vSphere Replication 8.4 at the recovery site.
Re-protect your virtual machines significantly faster after a planned recovery. The re-protection operation is especially quick when run shortly after the planned recovery such that the delta between the data on the source and recovery sites is not large. VMware Site Recovery now automatically starts tracking changes on the recovered virtual machine after failover. Only those changes are then replicated to the original protected site when re-protect is run and checksum comparisons can be completely avoided. This capability requires at least vSphere 7.0 Update 2 and vSphere Replication 8.4 in both sites.
System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how VMware Cloud on AWS achieves key compliance controls and objectives to meet SOC 2, Type 2 requirements. The purpose of these reports is to demonstrate the design and testing of SOC 2 controls over a period of time.
VMware Cloud on AWS dashboards allow you to track the capacity, cost, and inventory overviews of the VMware SDDCs. You can also track the monitoring of virtual machines and the utilization and performance of these SDDCs. This functionality is available in vRealize Operations as well..
VMware SDDCs are deployed with dedicated, single-tenant i3en bare-metal hosts. Each host has Intel® Xeon® Cascadelake Processors @ 2.5GHz CPUs, 48 cores, 96 logical cores with hyperthreading enabled, 768GiB RAM, 8 x 7,500 NVMe SSD and native encryption at NIC-level for east-west traffic within SDDC boundaries. Compression is enabled by default to provide storage efficiencies on i3en bare-metal hosts.
System & Organization Control (SOC) Reports are independent, third-party examination reports that demonstrate how VMware Cloud DR achieves key compliance controls and objectives to meet SOC 2, Type 2 requirements. The purpose of these reports is to demonstrate the design and testing of SOC 2 controls over a period of time.
ISO 27017 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO 27002 and ISO 27001 standards.
The Migration Solution experience delivers a prescriptive, intuitive and integrated workflow that expedites large-scale, data center-wide migrations to VMware Cloud on AWS. Customers are led through the steps of assessing, building and migrating workloads to VMware Cloud on AWS, with relevant tools such as VMware vRealize Network Insight Cloud and VMware HCX and associated documentation such as on-boarding handbooks.
VMware SDDCs can be deployed and resized hourly for on-demand granularity. Longer-term reservation of hosts gives you up to 50% cost saving compared to on-demand hosts consumed over equivalent period. Host Reservations are available in 1 or 3 year terms. You pay upfront, but maximize your savings.
Supporting AWS Direct Connect for management appliance and workload traffic along with ESX management and vMotion. Eliminating the need for separate VPN tunnels while also simplifying connectivity.
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.
ISO 27018 is a code of practice that focuses on protection of personal data in the cloud. It is based on ISO information security standard 27002 and provides implementation guidance on ISO 27002 controls applicable to public cloud Personally Identifiable Information (PII). It also provides a set of additional controls and associated guidance intended to address public cloud PII protection requirements not addressed by the existing ISO 27002 control set.
VMware Tanzu Mission Control simplifies deployment and operation of Kubernetes, centralizing management and governance for many clusters and teams across multiple environments. With Tanzu Kubernetes Grid integrated with Tanzu Mission Control on VMware Cloud on AWS, customers can easily deploy and run Kubernetes on VMware Cloud on AWS with consistent operations and management across clusters and applications to support their infrastructure and app modernization.
End-to-End VM to VM MPLS path visibility for VMware Cloud on AWS Direct Connect using vRealize Network Insight
Kickstart the VMware Cloud on AWS hybrid cloud experience with a time-bound, single-host configuration, at less than ½ the price of 2-host VMware Cloud on AWS offering. This new consumption option is designed for customers who want to prove the value of VMware Cloud on AWS in their environments before scaling to the production environment. Purchase hourly on-demand payable via US based credit cards or via VMware credit funds. Seamlessly scale-up at any time: At the completion of your 60 days time-bound offering, your single host SDDC will reset. However, you can easily scale-up to the minimum 2-host purchase and continue your cloud expansion without losing any of your data before the time period ends. Take advantage of capabilities that do not require multiple hosts within your VMware Cloud on AWS SDDC, such as cloud migration, evaluating disaster recovery as a service add-on, and hybrid linked mode.
Flow Based Application Discovery with Machine Learning with improved scale for number of VMs and application scale supported
Attach external storage to a SDDC managed by the Managed Service Provider (MSP). The SDDC has three NFS datastores that are backed by the Managed Service Provider (MSP) cloud storage. This capability is currently offered through Faction as the Managed Service Provider (MSP).
Cloud Zone Insights helps maintain visibility of VMware Cloud on AWS consumption and capacity for the cloud zones that users have defined. Combining the power of vRealize Operations Cloud with vRealize Automation Cloud, Cloud Zone Insights bring users the information they need and the actions they need to take on the same platform to tighten up hybrid cloud operations.
The Cloud Management Assessment (CMA) is the next generation assessment offered by vRealize Operations Cloud. CMA aligns with VMware Cloud on AWS and helps customers prepare for a move to VMware Cloud on AWS as well as guides them to how to best manage VMware Cloud on AWS, including assessing capacity needed, performance optimization and ROI.
Supporting SQL Clusters in Active Passive with shared disk configuration via SCSI 3 PR. This enables customers to cut down on the SQL Server licensing costs, by paying only for active SQL nodes.
With vRealize Operations Cloud and vRealize Operations, VMware Cloud on AWS customers can now measure, alert and report on the key configuration maximums for more predictable costing of their SDDC environments. vRealize Operations Cloud provides a rich set of configuration maximum metrics with limits (both hard limits and soft limits), calculates the provisioned resources and alerts if some of these key configuration limits are being breached. Keys areas of configuration maximums covered with this feature are: - Organization Maximums - SDDC Maximums - vCenter Maximums - vSAN Maximums.
It helps manage user teams more efficiently with Property Groups. Property groups let users templatize their VMware Cloud on AWS environment properties and reuse them for new catalog requests within a VMware Cloud Template
VMware Cloud Partner Navigator support for vRealize Network Insight Cloud so MSPs can utilize a multi-tenant version for network visibility of VMware Cloud on AWS VMware vRealize Network Insight Cloud, now available through VMware Cloud Partner Navigator, takes a flexible and modular SaaS approach to delivering network visibility and analytics. This enables partners to help optimize and secure their tenant’s network infrastructure across hybrid and multi-cloud environments. The cloud-based solution provides a rapid path to monetizing new professional service offerings at scale—like security, network and application assessments—and new ongoing services, like quarterly security assessments or self-service assessments, reducing the time to market.
vCenter Cloud Gateway is a new on-premises virtual appliance that delivers a single logical view and hybrid management of both on-premises and VMware Cloud on AWS resources. It enables customers to manage VMware Cloud on AWS resources as extension of a on-premises data center. Customers can manage both on-premises and VMware Cloud on AWS resources from on-premises using vCenter Cloud Gateway. Simplifed set up for improved user experience with integrated configuration of vCenter Hybrid Linked Mode as part of the Cloud Gateway installation. With Cloud Gateway, customers do not need to configure Active Directory (AD/LDAP) in the cloud vCenter server instance or enter their on-premises vCenter admin credentials.
Simplifies hybrid resource management with a single inventory view between on-premises and VMware Cloud on AWS using vCenter Hybrid Linked Mode. Enhanced single logical view and hybrid management of resources by extending Hybrid Linked Mode to connect a VMware Cloud on AWS environment with multiple linked on-premises vCenter Server instances (external PSC topology).
Support for DFW IPFIX that enables the vRNI solution within VMware Cloud on AWS. The vRNI solution provides support for operationalizing DFW interms in planning the day to day monitoring and troubleshooting.
Customers can use existing VMware purchasing vehicles -- Subscription Purchasing Program (SPP) and Hybrid Purchasing Program (HPP) credits to pay for VMware Cloud on AWS.
Stretch cluster is now supporting a 4-host configuration across multi-AZ. A customer who wants a 4-host configuration can choose to deploy it across AZs.
It reduces the exposure of sensitive data by keeping them encrypted in the database. vRealize Automation Cloud helps users create and encrypt secret variables for VMware Cloud on AWS and consume them as part of VMware Cloud Templates or extensibility workflows (e.g., with ABX or vRealize Orchestrator).
Supports authentication with external identity providers for the vCenter Server on VMware Cloud on AWS. This will also enable Single Sign-On across the VMWare Cloud console and the vCenter Server running on VMWare Cloud on AWS.
Traditional Horizon Instant Clone maintains internal VMs, called parentVMs, for ease of operation. These parentVMs take up previous memory on each host, which adds to the cost of deployment. With smart provisioning, Horizon can now intelligently choose to provision instant clones with or without parentVMs, depending on the situation. Administrators also have the freedom to choose to provision all instant clones without parentVMs.
Improving application availability and performance by live migrating virtual machines between clusters in the same VMware Cloud on AWS SDDC.
SDDC save and restore capability that reduces configuration time by allowing customers to save their VMware Cloud on AWS SDDC configurations upon deletion and re-deploy an SDDC using these saved configurations if they need to at a later date.
AppVolumes makes it easy to deliver, update, manage and monitor applications and users across virtual desktop infrastructure (VDI) and published application environments.
Efficiently and easily deploy and manage multiple instances of VMware Cloud DR within thesame VMware Cloud organization and cloud region while continuing to use a single SaaS-simple cloud-based management console to administer and configure all these instances. Recover to multiple VMware Cloud on AWS SDDCs within the organization for increased scale and performance benefits.
Further lower DR costs by using a two host SDDC cluster as a "pilot light" with VMware Cloud DR. Recover smaller sets of virtual machines cost-effectively by only creating a two host SDDC.
Purchase VMware Cloud DR through your preferred VMware Cloud on AWS Managed Services Provider (MSP) to benefit from your existing relationship with the MSP and leverage their uniquevalue-added managed services in conjunction with VMware Cloud DR and VMware Cloud on AWS.
Meet your PCI DSS compliance obligations for virtual machines protected by using VMware Cloud DR, under a shared responsibility model to maximize flexibility and control. Benefit from enhancements in security controls and operational processes undertaken by VMware to make VMware Cloud DR a PCI DSS 3.2.1 Level 1 Service Provider, the highest level of assessment available. Further reinforce your compliance status with VMware Cloud DR's end-to-end and daily data integrity checks, continuous DR health checks, and audit-ready, detailed DR reports. In the event of a DR incident, the protected virtual machines can be recovered to a PCI compliant environment in VMware Cloud on AWS.
Benefit from various enhancements and optimizations of VMware Cloud DR's scale-out cloud file system and achieve production-grade performance on your most critical virtual machines recovered on the VMware Cloud DR live mount datastore.
Virtual machine workloads can also access Amazon Elastic File System (EFS) for fully managed file service to scale the file-based storage automatically to petabyte scale with high availability and durability across multiple availability zones.
VMware Horizon support for VMware Cloud on AWS enables customers to: - Easily add and extend on-premises desktop services without buying additional hardware - Co-locate virtual desktops or published application (remote desktop session) hosts near latency-sensitive applications in the cloud - Leverage elastic capacity as a cost-effective way to protect on-premises Horizon deployments or temporary needs.
Elastic DRS enables SDDC to scale out a cluster faster by adding hosts in parallel when CPU or memory thresholds are reached. Latest enhancement enables the cluster scale out faster by adding 12 hosts in parallel compared to 4 hosts previously supported.
Horizon Instant Clone Support is available for VMware Cloud on AWS. Customers can create clones from a base image in seconds to rapidly scale virtual desktop and app deployments.
VMware Horizon now offers full clone support for VMware Cloud on AWS. Customers can now rapidly scale Horizon desktops and apps to VMware Cloud on AWS. VMware Horizon for VMware Cloud on AWS delivers a seamlessly integrated hybrid cloud for virtual desktops and applications. It combines the enterprise capabilities of VMware Cloud on AWS, with the market-leading capabilities of VMware Horizon - for a simple, secure and scalable solution. Now, customers can easily extend desktop services to address on-demand capacity, protection of desktop workloads and AWS cloud co-location for latency-sensitive applications without buying additional data center resources.
Customers can now see all the historical notification and activity events in their vRealize Log Insight Cloud instance. In other words, all the historical events that you see in the Activity Log tab would also be available via vRealize Log Insight Cloud.
VMware Cloud Director service is a cloud-based service that makes VMware Cloud on AWS more accessible to a wider set of customers. VMware Cloud Director service enables cloud providers and MSPs to deliver proven multi-tenancy to VMware Cloud on AWS, enabling them to provision custom-sized slices of VMware Cloud on AWS for customers. This cloud-based solution helps cloud providers grow their customer base, accelerate business expansion, and increase business agility. VMware Cloud Director service instances are deployed in US West, Frankfurt and Tokyo, and are available to any SDDC within 150ms of latency.
Monitor heath, availability, capacity, and cost of Kubernetes clusters on VMC with vRealize Operations Cloud. With enhanced dashboards, reports, and alerts content, gain full-stack visibility on VMware Cloud, upstream Kubernetes to SDDC and Orgs.
VMware Cloud on AWS has expanded the custom CPU core capability to allow customers to choose a different number of physical cores per host depending on the host instance type. Specifically, a customer can enable more cores on a host instance type with a larger number of physical cores.
VMware SDDCs can be consumed on-demand or via a 1 or 3-year term commitment. Now we offer the option to pay for the 1 or 3-year commitment also via monthly installments. Continue to enjoy the savings of the 1 or 3-year term commitments without upfront payment. Please note that the monthly billing option is only available to qualified pay by invoice transactions directly through VMware or purchases from a Managed Service Provider (MSP) partner under the VMware Cloud Provider Program. Please contact your VMware sales or MSP partner representative for eligibility.
New out-of-the-box dashboards to cover seven key operational use cases: availability, performance, compliance, capacity, cost, configuration and inventory.
Import and/or export configuration data of the replications created in vSphere Replication for use cases such as migrating vSphere Replication configuration to a different host.
Customers can now run their business-critical operations on VMware Cloud on AWS. This means high-value technical support is very critical for delivering operational efficiency, risk reduction, and business continuity. VMware's new In-Product Support gives customers a truly unique and effortless support experience to meet the dynamic needs of their digital business. VMware's In-Product Support provides access to support channels and resources, including: **Intelligent Search:** Surfaces popular content based on the user's location and contextual usage in the product. Powerful search relevant content across VMware Knowledge Base Articles, Product Docs & Community Posts to answer questions without contacting support. **Chat with VMware Support:** Quickly address questions or issues with highly skilled VMware Support Engineers and Customer Support Representatives. Continue to search and interact with the product interface while chatting with the support. **Support Requests (SRs):** For situations that go beyond chat, customers can create and manage SRs or our Support Engineers can create SRs on their behalf via chat without leaving the product. **Ask the Community:** Engage and pose questions to actively moderated communities backed by passionate VMware Support Engineers and VMware Experts around the globe. **Service Health:** Review live status of VMware Cloud Services and receive important service notifications.
With 1-click, enable near real-time monitoring at a 20 second granularity for better observability of metrics and events in vRealize Operations Cloud. Persist data for up to 3-days to ensure historical evidence and observe data through dashboards and charts in near real-time.
Avoid integration overhead and ensure operational consistency with third-party tools. VMware Cloud on AWS has a broadening ISV technology ecosystem support with support for categories across data protection, DevOps, cloud migration, security and more. Technology partners validate that their solutions work with VMware Cloud on AWS. For a complete list of technology partners who have validated that their solution works with VMware Cloud on AWS, please visit [VMware Solution Exchange](https://marketplace.vmware.com/vsx/solutions/featured?product=3450,3429)
VMware Site Recovery can be consumed on-demand or via a 1 or 3-year term commitment. Now we offer the option to pay for the 1 or 3-year commitment via monthly installments. Continue to enjoy the savings of the 1 or 3-year term commitments without upfront payment. Please note that the monthly billing option is only available to qualified pay by invoice transactions directly through VMware or purchases from a Managed Service Provider (MSP) partner under the VMware Cloud Provider Program. Please contact your VMware sales or MSP partner representative for eligibility.
G-Cloud is a framework agreement published by the UK Crown Commercial Service. VMware Cloud on AWS is listed on the G-Cloud digital marketplace. Check out the digital marketplace portal below for a detailed overview of our service, support, relevant pricing documents, terms and conditions, and sales contacts.
Cyber Essentials is a UK government-backed, industry-supported scheme to help organizations protect themselves against common cyber threats. It provides a set of controls that enable organizations to demonstrate their commitment to cybersecurity and protecting internal and customer data.
As a native solution to vRealize Operations Cloud, the management pack for AWS utilizes AWS Cloudwatch to collect operations data for AWS services including EC2, EBS, ASG, EMG, and others to provide pre-configured dashboards, alerts, and reports. This functionality is available in vRealize Operations as well.
The 3 Guidelines from 3 Ministries is a collection of security and compliance guidelines published by the three ministries in Japan - Ministry of Health, Labor and Welfare, the Ministry of Internal Affairs and Communications, and the Ministry of Economy, Trade and Industry. In Japan, medical institutions that store medical data such as patient records and medical images in an external facility such as a public cloud should align with the requirements specified in these guidelines.
VMware Cloud on AWS now provides automated space reclamation support with TRIM and SCSI UNMAP to reclaim previously allocated storage as free space.
FISC (The Center for Financial Industry Information Systems) is an organization under the Japanese Minister of Finance. FISC issued security guidelines that prescribe security measures for financial institutions in Japan. VMware Cloud on AWS aligns with FISC guidelines.
Manage your VMware Cloud on AWS instances in vRealize Operations Cloud using the CSP API token for authorization and communication. This functionality is available in vRealize Operations as well.
European Banking Authority (EBA) outsourcing guidelines prescribe the governance framework and guidelines for financial institutions within the scope of the EBA's mandate when outsourcing internal functions to service providers (including cloud outsourcing).
The Fourteen Cloud Security Principles are a set of cloud security guidelines prescribed by the UK National Cyber Security Center (NCSC). VMware Cloud on AWS aligns with Cloud Security Principles and the objectives of these principles as part of NCSC Cloud Security Guidance.
Generate VMware Cloud on AWS assessment reports and compliance using the vSphere Security hardening guidelines, PCI, HIPPA, FISMA, ISO (and more) benchmarks to ensure compliance of VMware on cloud infrastructure from applications to objects that need to be compliant as per the cloud infrastructure rules for virtual machines. This functionality is available in vRealize Operations as well.
CloudHealth Hybrid provides a single platform with visibility into cost, usage, and performance of hybrid cloud resources, including VMware vSphere, VMware Cloud on AWS (in Early Access), and public clouds. With CloudHealth, organizations can identify optimization opportunities and align cost and usage by business units to show back. CloudHealth also helps plan migrations by comparing the cost of moving workloads to the various public clouds in different regions/AZs. CloudHealth policies help enforce proper usage of cloud resources by enabling Infrastructure and Operations teams to set policies, then flag violations and take remediation actions.
VMware Cloud Assembly is a multi-cloud, declarative blueprint orchestration and automation solution that enables infrastructure code for expedited infrastructure consumption and application delivery, while reducing manual effort and the need for cloud specific knowledge. The ability to share content and deployments among project teams also increases collaboration and agility.
VMware Code Stream Add-on Service provides release automation and continuous delivery to enable frequent, reliable releases of application and IT code for development and operations teams.
With vRealize Operations Cloud, you can determine how many hosts will be needed and the potential cost of a new VMware Cloud on AWS environment based on existing VMs in your environment, or for net new VMs that will be provisioned for the first time in VMware Cloud on AWS. This functionality is available in vRealize Operations as well.
Workload optimization provides support for moving virtual compute resources and their file systems dynamically across datastore clusters. Using workload optimization, you can rebalance virtual machines and storage across clusters, relieving demand on an overloaded individual cluster, and maintaining or improving cluster performance. This functionality is available in vRealize Operations as well.
VMware Service Broker Add-on Service is an aggregator of services across multiple cloud platforms, as well as, a single access point for consumption (catalog) with guardrails for a range of services, including Cloud Assembly, Kubernetes Helm charts, AWS Cloud Formation and vRealize Orchestrator workflows.
Completing Cloud Security Alliance (CSA) Consensus Assessments Initiative Questionnaire (CAIQ). CAIQ provides industry-accepted ways to document what security controls exist in IaaS, PaaS and SaaS offerings.
This enables the customer to utilize one Direct Connect link with VPN as Standby. To use this, Direct Connect Private VIF can be configured with IPSEC VPN as Standby for non-ESXi and non-vMotion traffic.
Customers can take advantage of a fully managed Horizon Desktop-as-a-Service on VMware Cloud on AWS that enables them to expand and scale their hybrid virtual desktop infrastructure based on Horizon.
With support for Tanzu Kubernetes Grid Plus, customers can monitor Kubernetes clusters on VMware vRealize Operations Cloud using the VMware vRealize Operations management pack for container monitoring. This functionality is available in vRealize Operations as well where customers need to go to marketplace and download and configure the management pack from marketplace
Deferred AWS account connection for Single-Host SDDCs, enabling provisioning of Single-Host SDDCs without connecting to an AWS account for up to 14 days.
Customers can now leverage a more flexible permissions model with vCenter Server in VMware Cloud on AWS. This capability enables cloud administrators to create custom roles and assign more granular permissions to users and groups. These permissions can be assigned to users and groups globally or for specific vCenter objects.
The ability to select the number of physical cores per host during the time of provisioning, enables customers to optimize their environments for applications that are licensed per physical core.
Improves application availability and performance by live migrating virtual machines within a VMware Cloud on AWS SDDC cluster. Optimize workload distribution within a VMware Cloud on AWS cluster using vSphere DRS, High Availability and vMotion.
Equal Cost Multi Pathing (ECMP) enables customers to scale the bandwidth across multiple links. With this release, multiple route-based IPSEC VPN tunnels can be used with ECMP to provide additional bandwidth and connectivity resiliency to on-premises, AWS VPCs and to AWS TGW.
The developer center is integrated into the VMware Cloud on AWS service console giving automation experts, DevOps engineers and developers a central portal to gain access to detailed API information, software development kits, code samples and command line interfaces. It is now easy to learn and execute the VMware Cloud on AWS Service RESTful APIs with the Interactive API Explorer. Customers can quickly integrate their workflows and partner solutions with VMware and community code samples for common development languages - The Open Source software development kits (SDK's) and links to getting started guides and documentation will offer a better developer experience to VMware Cloud features - Automation experts and DevOps engineers can seamlessly tie their business workflows into VMware Cloud with a selection of command line interfaces.
DHCP Relay can be configured within VMware Cloud on AWS so DHCP requests can be forwarded to an external/3rd party DHCP server. Customers can use the native NSX DHCP capabilities in VMware Cloud on AWS or use DHCP Relay to leverage an advanced external/3rd party DHCP server.
Improves set-up speed and consistency with usability improvements for Layer 3 IPSec VPN set-up through an easy to use configuration template.
VMware vRealize Network Insight Cloud is a SaaS service that can help you fast-track application security and networking across private, hybrid and public clouds. It accelerates micro-segmentation deployment, minimizes business risk during application migration, enables visibility across virtual and physical networks and provides operational views to manage and scale VMware NSX deployments. It is also available as an on-premises perpetual product, VMware vRealize Network Insight. Customers use vRealize Network Insight Cloud to map app dependencies for micro-segmentation planning or application migration planning. Customers can troubleshoot app connectivity issues across virtual, physical and multi-cloud network infrastructure. Support for VMware Cloud on AWS, provides visibility into configuration and flows, including all IPFIX flows. Paths can now be traced between VMs running in VMware Cloud on AWS, on premises in vSphere, or with EC2 instances running in AWS. In addition, it provides complete overlay-underlay visibility and supports Netflow and sFlow. It includes integration with leading firewall and networking vendors such as F5, Palo Alto Networks, Cisco ASA, Cisco ACI, and more. Customers can simplify NSX operations with intuitive UI and natural language search to quickly pinpoint issues, scale across multiple NSX managers, proactively detect misconfiguration errors and troubleshoot as well as get best practices recommendations.
|Compliance with the European Union General Data Protection Regulation (GDPR). The European Union's General Data Protection Regulation (GDPR) protects European Union data subjects' fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance.|
VMware HCX is a SaaS service that provides application migration and infrastructure hybridity, and it enables large-scale, seamless, bi-directional workload portability between on-premises and VMware Cloud on AWS with VMware HCX. Migrations can be done live and in bulk (warm and cold) between various vSphere versions on-premises and VMware Cloud on AWS. It creates multi-site, high-performance, secure, WAN-optimized interconnects that stretch networks, without having to change IP addresses and includes policy-based traffic engineering, intelligent routing and automated VPN set up. VMware HCX enables cloud onboarding without retrofitting source infrastructure supporting migration from vSphere 5.0+ to VMware Cloud on AWS.
Simplifying the creation of the required firewall rules in VMware Cloud on AWS Console, to allow communication across on-premises networks and VMware Cloud on AWS SDDC components. For example, automated configuration of the firewall rules allow necessary ports for vCenter, SRM, and other service communication for Hybrid Linked Mode and VMware Site Recovery use cases.
Extend your existing on-premises DR strategy to the cloud by protecting some on-premises workloads to VMware Cloud on AWS using VMware Site Recovery while simultaneously protecting other workloads managed by the same on-premises vCenter server to a secondary on-premises DR site.
Reduce DR costs and operational complexity with support for fan-in and other multi-site topologies to pair a single VMware Cloud on AWS SDDC with multiple on-premises sites and/or other VMware Cloud on AWS SDDC(s) for disaster recovery purposes.
Business continuity for mission-critical workloads: Expand and simplify existing disaster recovery operations with on-demand site protection built on proven VMware orchestration, automation and replication technologies – delivered by VMware Site Recovery, an add-on service. Based on industry leading, enterprise-grade recovery plan automation (VMware Site Recovery Manager) and native hypervisor-based replication capabilities (VMware vSphere® Replication) that are trusted by thousands of customers. Support site protection between on-premises to VMware Cloud on AWS or between two VMware Cloud on AWS environments running in separate AWS availability zones or across regions with a flexible architecture. Reduce secondary site costs, accelerate time to protection and simplify DR operations: - Lower capital costs by eliminating need for a secondary DR site and adopting granular, on-demand protection - Increase business resiliency by protecting Tier 1 apps as well as cost-effectively expanding protection to Tier 2/3 applications, without application re-architecture - Accelerate time to protection by removing complexities with the same operating environment from on-premises to cloud - Support site protection between on-premises to VMware Cloud on AWS or between two VMware Cloud on AWS environments running in separate AWS -- availability zones, or regions, with a flexible architecture - Streamline operations with automated orchestration and simple failover and failback built into a familiar management tool enhanced with an HTML5 user interface - Increase confidence and disaster readiness with non-disruptive, on-demand testing available anytime - Available as an add-on service
VMware Site Recovery is compatibile with multiple versions of vCenter Server, allowing you to protect sites running vCenter Server versions 6.7, 6.5, and 6.0U3.
Optimize resource management of your DR cluster, by automating cluster scaling with Elastic DRS after a DR test or failover.
Extends the value of enterprise applications running in VMware Cloud on AWS by providing Enterprises with a simple and consistent way for their applications to access native AWS services. Get high-bandwidth, low-latency network connectivity from VMware Cloud on AWS to AWS services accessed via public endpoints such as AWS Lambda, Amazon Simple Queue Service (SQS), Amazon S3 and Elastic Load Balancing.
Extends the value of Enterprise applications running in VMware Cloud on AWS by providing Enterprises with a simple and consistent way for their applications to access native AWS services. Get high-bandwidth, low-latency network connectivity from VMware Cloud on AWS to private resources in the customer's Amazon VPC such as Amazon EC2, and data and analytics services such as Amazon RDS, Amazon DynamoDB, Amazon Kinesis and Amazon Redshift. Customers can also leverage the newest generation of VPC Endpoints designed to access AWS services while keeping all the traffic within the AWS network.
VMware Cloud on AWS SDDCs are deployed with a fully configured VMware vSAN running on NVMe Flash storage local to the cluster. - Leverage zero-click enterprise-class shared storage that is natively integrated with vSphere with consistent and predictable performance delivered on an all-flash architecture (NVMe). - Deliver self-healing and resilient storage - Manage storage SLAs on a per-application basis through Storage Policy-Based Management - Increase storage efficiency and performance with advanced data services, including QoS, snapshots, Erasure coding and APIs for third-party data protection (vADP) - Data intensive workloads can take advantage of vSAN compression and deduplication to reduce TCO. Reduces overall storage consumption with advanced space efficiency driven by deduplication and compression natively built into vSAN. For e.g., a customer with typical workloads can save 40% in TCO for a 150TB VMware Cloud on AWS SDDC cluster over a 3-year period.
Delivers live migration (VMware vSphere vMotion) of workloads between on-premises and VMware Cloud on AWS. This will require a customer to have vSphere 6.0U3 or above version on-premises, AWS Direct Connect (Private VIF) and NSX L2VPN. Customers can perform vMotion between on-premises and VMware Cloud on AWS using UI (which requires vCenter Hybrid Linked Mode to be connected) or using API and PowerCLI 2
vRealize Network Insight helps you fast-track application security and networking across private, hybrid and public clouds. It accelerates micro-segmentation deployment, minimizes business risk during application migration, enables visibility across virtual and physical networks and provides operational views to manage and scale VMware NSX deployments. This offer is also available as a SaaS Service, VMware vRealize Network Insight. Customers can use Network Insight to map app dependencies for micro-segmentation planning or application migration planning. Customers can also troubleshoot app connectivity issues across virtual, physical and multi-cloud network infrastructure. With support for VMware Cloud on AWS, customers gain visibility into configuration and flows, including all IPFIX flows. Paths can now be traced between VMs running in VMware Cloud on AWS, on-premises in vSphere, or with EC2 instances running in AWS. In addition, it provides complete overlay-underlay visibility and supports Netflow and sFlow. Customers can simplify NSX operations with intuitive UI and natural language search to quickly pinpoint issues, scale across multiple NSX managers, proactively detect misconfiguration errors and troubleshoot as well as get best practices recommendations.
vMotion improves application availability and performance by live migrating virtual machines in a stretched cluster deployed across 2 AWS Availability Zones.
vSphere Client plugins can be enabled on VMware Cloud on AWS, allowing VMware Cloud Admin customers to register VMware Cloud-certified vSphere Client plugins securely to the VMware Cloud SDDC(s) they manage.
VMware Cloud on AWS offers support for Single Sign On and federation using VMware Identity Manager, Microsoft Active Directory Federation Services and directory services such as AWS Directory Service.
VMware Cloud on AWS offers the ability to encrypt data stores deployed in VMware SDDCs using vSAN encryption with keys stored in AWS Key Management Service (KMS). Customers can now take advantage of built-in vSAN encryption with AWS KMS. This enables encryption of data at rest with AWS's managed service for creating and controlling the encryption keys. All data in VMware Cloud on AWS is encrypted.
The Plugin Marketplace and the integration with Cloud Marketplace is available in the vSphere Client interface, showing available plugins, lifecycle management, notification on available updates.
Provides flow level visibility across VMs on an overlay network. Flow data can be consumed by application performance monitoring tools, security analysis tools, and troubleshooting tools.
Provides packet level visibility across VMs on an overlay network. Packet data can be consumed by application performance monitoring tools, security analysis tools, and troubleshooting tools.
Support for Firewall packet logging on Edge FW and DFW within VMware Cloud on AWS. Allows users to operationalize firewall within SDDC using VMware vRealize Log Insight Cloud service.
VMware Cloud on AWS customers can now migrate their existing RedHat OpenShift subscription to their VMware Cloud on AWS SDDCs version 1.12 or above. Starting with RedHat OpenShift 4.6, customers can enable their existing OpenShift subscriptions for VMware Cloud on AWS support and leverage the OpenShift on VMware Cloud on AWS deployment guide on bringing up an OpenShift 4.6 environment. Please see enabling subscription link and deployment guide link below under Resources.
Enables Internet connectivity for workloads running on private subnets within VMware Cloud on AWS by allocating public IP addresses and configuring 1:1 or 1:Many NAT on compute gateway.
VMware Tanzu Observability by VMware support for VMware Cloud on AWS allows you to visualize, alert upon, and troubleshoot applications running on VMware Cloud on AWS. It provides an open API platform supporting over 80 integrations and pre-packaged dashboards from all elements of your stack, spanning open-source, commercial, and custom data sources.
This service dynamically adjusts the segment size during the TCP connection handshake between end points across the Network Extension, which optimizes the average packet size to reduce fragmentation and lower the overall packet rate.
This service creates multiple tunnel flows for both Interconnect and Network Extension traffic to follow multiple paths across the network infrastructure from the source to the destination data centers. The service then intelligently forwards the traffic over the optimal path and dynamically switches between tunnels depending on traffic conditions.
Zero RPO high availability is now available for enterprise applications virtualized on vSphere across AWS Availability Zones (AZ), leveraging multi-AZ stretched clusters. This enables you to: - Significantly improve your application's availability without needing to architect it into your application. - Stretch an SDDC cluster across two AWS AZs within a region, which means if an AZ goes down, it is simply treated as a vSphere HA event and the virtual machine is restarted in the other AZ. - 99.99% infrastructure availability provided by stretched clusters.
You can enable the network encryption of the DR replication traffic data for new and existing replications to enhance data transfer security. When the network encryption is enabled for a replication, an agent on the source encrypts the replication data on the source ESXi host and sends it to the vSphere Replication appliance on the target site. The vSphere Replication server decrypts the data and sends it to the target datastore.
Enabling smaller configuration purchase option at a low, predictable price for fast and flexible consumption. Ability to purchase a three host configuration of VMware Cloud on AWS. Dedicated single-tenant infrastructure delivered on AWS EC2 elastic bare-metal infrastructure.
Mobility groups enable you to structure migration waves based on business requirements. You can assemble one or more VMs into logical sets to execute and monitor migrations as a group. When combined with the vRealize Network Insight integration (available as a separate license), mobility groups give you the flexibility to manage migrations for sets of VMs by application, network, pod, or other aspects of your environment.
Enables customers to run enterprise business critical application workloads on VMware Cloud on AWS. Enterprise applications, including the most resource intensive ones such as, Oracle RAC, Microsoft SQL Server, Apache Spark and Hadoop have been tested and run successfully on VMware Cloud on AWS.
Customers can scale capacity by adding additional stretched clusters to a stretched cluster SDDC deployed on i3.metal instances. All clusters in the SDDC must be stretched clusters.
RAV uses a combination of VMware replication and vMotion technologies for large-scale, parallel migrations with no service interruption with the ability to specify a switchover window. It means you can now create a migration schedule during a large set of VMs (200 at this time), which can move live (without any downtime) to VMware Cloud on AWS at the scheduled migration window.
For VMs migrated using VMware HCX from a source location to VMware Cloud on AWS, this capability enables the cloud-side VMs on the HCX extended network to route traffic optimally through the cloud-side first-hop gateway instead of being routed through the source environment router. This helps you avoid a hairpin or trombone effect. Policy routes will allow control over which traffic is routed locally using the cloud gateway versus traffic through the source gateway.
L2 VPN configuration requires customers to deploy a standalone NSX edge if they don't have NSX on-premises. Deploy standalone edges in an active standby configuration to provide added resiliency. In the case of failure of the active standalone edge, the standby takes over and continues to provide connectivity.
vCenter servers within an SDDC Group can now be linked together to manage all the resources from a single vSphere client interface. VM operations and migrations can be performed on the resources managed across all the vCenter Servers. Additionally, tags that are created on any of the vCenters within the group are automatically synced across all the other vCenters in the group.
Multi-Edge SDDC capability enables customers to add network capacity for north-south network traffic. Customers can linearly scale bandwidth for migration and workload communication over VMware Transit Connect.
VMware Cloud on AWS is now a RedHat Certified Cloud Service Provider for RedHat Enterprise Linux. This certification enables customers to bring their existing RHEL licenses to VMware Cloud on AWS with RedHat support. This certification only applies to RHEL and is not applicable to OpenShift. In order to enable your existing RHEL licenses for VMware Cloud on AWS, please follow the instructions in [here](https://access.redhat.com/public-cloud) and Enable Subscriptions under Bring Your Own Golden Image.
Customers can establish connectivity to on-premises/colo data centers via their AWS Direct Connect Gateway. VMware Transit Connect enables customers to centralize connectivity for SDDC Group to Direct Connect Gateway.
Partition placement groups increase the availability of applications by placing hosts in different logical partitions that do not share the same underlying hardware. Partition placement groups automatically deploy hosts across as many different partitions as there are available within an AZ. Each partition within a placement group has its own set of racks, and each rack has its own network and power source. No two partitions within a placement group share the same racks, which allows for isolating host failures within an SDDC cluster.
Per Microsoft’s 10/1/2019 licensing changes, VMware supplies Windows Server and Microsoft SQL Server pre-packaged OVF instances for rapid deployment on VMware Cloud on AWS. VMware also supplies ISO binaries to allow a customer to create their own instances. Once licensed, customers can deploy an unlimited number of instances on the ESXi cluster by cluster basis.
VMware SDDCs are deployed with dedicated, single-tenant i3en bare-metal hosts. Each host has Intel® Xeon® Cascadelake Processors @ 2.5GHz CPUs, 48 cores, 96 logical cores with hyperthreading enabled, 768GiB RAM, 8 x 7,500 NVMe SSD and native encryption at NIC-level for east-west traffic within SDDC boundaries. Compression is enabled by default to provide storage efficiencies on i3en bare-metal hosts.
VMware Transit Connect provides network-level connectivity among SDDC group members. It leverages the AWS Transit Gateway (TGW) to enable any-to-any connectivity between SDDC group members in a single AWS region. It also enables network connectivity to AWS VPCs and on-premises/colo data centers (via a Direct Connect Gateway).
VMware NSX Advanced Firewall ensures Layer 7 security for SDDCs. It introduces NSX Distributed Intrusion Detection System (IDS), Identity Firewall, and Distributed Firewall with Layer 7 application identity and FQDN filtering capabilities to VMware Cloud on AWS.
The new audit events for VMware Cloud Services dashboard and content pack in vRealize Log Insight Cloud enables VMware Cloud on AWS organization owners to monitor VMware Cloud Services audit events triggered by activity with user logins, user management, API Tokens, and OAuth applications.
VMware vRealize Automation Cloud is a cloud-delivered service that enables self-service cloud environments. With vRealize Automation Cloud, customers can increase agility, productivity and efficiency through self-service automation, by reducing the complexity of their IT environment, streamlining IT processes and delivering a DevOps-ready automation platform. To enable frictionless onboarding to vRealize Automation Cloud, VMware Cloud on AWS customers are now able to activate a vRealize Automation Cloud trial directly through the VMware Cloud on AWS console. This trial can be activated from any VMware Cloud on AWS SDDC by navigating to the SDDC’s Add-Ons tab. From the Add-Ons tab, customers can click activate, which will begin a 45-day free trial of the vRealize Automation Cloud service. After activation, all vRA Cloud service features and operations will be enabled from the vRA Cloud console.
Now enterprises can take advantage of a smaller configuration purchase option at a low, predictable price for fast and flexible consumption for production environments. Organizations have the ability to purchase a two-host configuration of VMware Cloud on AWS and use dedicated single-tenant infrastructure delivered on AWS EC2 elastic bare-metal infrastructure.
VMware Cloud on AWS allows cloud-side VMs on the extended network to route traffic optimally through the cloud-side first-hop gateway instead of being routed through the source environment router. Hence, organizations can avoid traffic tromboning via policy based forwarding on the cloud router.
There is now support for jumbo frames (9000 byte MTU) on AWS Direct Connect. This enables customers to utilize jumbo frames to improve end to end performance for their Direct Connect traffic.
VMware vRealize Operations Cloud is a cloud-delivered service that allows customer's infrastructure and operations teams to manage the enterprises' VMware Cloud environment, whether in the customer's own on-premises software-defined data center ("SDDC") or in the public cloud environment, such as VMware Cloud on AWS.
Tanzu Kubernetes Grid is an enterprise-ready Kubernetes runtime that packages open source technologies and automation tooling to help you get up and running quickly with a scalable, multi-cluster Kubernetes environment. Now with Tanzu Kubernetes Grid support, customers can deploy, scale and manage Kubernetes clusters on VMware Cloud on AWS.
Ability to inhibit DRS initiated vMotion for load balancing purposes. Useful for vMotion sensitive applications such as, large transactional databases, real-time transaction processing applications, etc.
Provides a simple topology with a single compute gateway (CGW) connected to a distributed layer 3 router, which in turn is connected to logical layer 2 networks created by the users. Workloads deployed in VMwareCloud on AWS SDDC are connected to the logical layer 2 networks. The compute gateway (CGW) provides these workloads access to external world (Internet and on-premises Data center) and connected AWS VPC.
Minimum cluster size is 2 hosts. Customers can add capacity up to 16 hosts per cluster. Dedicated single-tenant infrastructure delivered on AWS i3 EC2 elastic bare-metal infrastructure.