vRA – Going Multi Cloud with AWS endpoint

In this section I want to cover just how easy it is to connect to a cloud service. The three big ones (AWS, Azure, and Google) all offer free accounts to get you started. This will in turn allow you to add endpoints in each cloud and thus give you greater flexibility in getting started on provisioning to multiple data centers. I chose to do AWS first because it is already built into vRA from the point of installation.


To set up AWS access for vRA you need to obtain access keys. These can be obtained by doing the following:

  1. Create a (free) account if you don’t have one already. (www.aws.com/free)
  2. Create an IAM user from the Users Console (https://console.aws.amazon.com/iam/home#)
  3. Once logged in, go to the users pane on the IAM Management Console
  4. Go to users and click on add users on the left side

From there follow the guide through:

  1. Add a user name.
  2. Enable the type of user. You need programmatic access to get access to AWS. The other option is for a user who can manage things in the console.
  3. Set the permissions and create a group (if needed). (AmazonEC2FullAccess and System Administrator (as I found out))
  4. Add a Tag. This is optional.
  5. At the end you will be given the access key and the secret access key. Make a note of these as you need them when adding the endpoint.


So for AWS that was it. Now to add it in vRA. Log into your tenant with your Fabric Admin. Go to Infrastructure –> Endpoints and select Endpoints. We should already have two vCenter endpoints from earlier.


Click on New –> Cloud –> Amazon EC2


Give the endpoint a name, optionally a description, and enter the access and secret access keys. (Forgive me for hiding the Access Key ID 🙂)


Click OK to finish. You now should have 3 endpoints.


That should be that. It may take a bit of time to show up because resources must be pulled in.

If needed you can request data collection by going to the endpoints, selecting your AWS endpoint and selecting data collection.


As you can see here for me it failed, but you can request a new one by clicking the start collection below. Hit the refresh button for updates.


If you get a failed message repeatedly it may be worth it to go and check the logs under monitoring. Here it usually shows if you have problems or if all is running well. As you can see here I get an authorization error.


After a while I found out that apart from AmazonEC2FullAccess I also needed the system administrator privilege. After this I got the endpoints in the Fabric Groups.
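An authorization error like this means the policies attached to the access key did not allow one of the API calls made during data collection. The following is an added example, not part of the original post and not vRA code: a small checker that reports which of a list of actions a set of IAM policy documents leaves uncovered, so a gap can be identified before a broader policy is attached. The policy documents and the action list are constructed samples (the page does not say which calls vRA makes), and the check looks only at Effect and Action, ignoring Resource, Condition and NotAction.

```python
import fnmatch

def _statements(policy):
    """Return the policy's statements as a list (IAM allows a single dict or a list)."""
    stmts = policy["Statement"]
    return [stmts] if isinstance(stmts, dict) else list(stmts)

def _matches(statement, action):
    """True if any Action pattern matches; IAM action names are case-insensitive."""
    patterns = statement.get("Action", [])
    if isinstance(patterns, str):
        patterns = [patterns]
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def is_allowed(policies, action):
    """Default deny: needs at least one matching Allow and no matching Deny."""
    allowed = False
    for policy in policies:
        for st in _statements(policy):
            if not _matches(st, action):
                continue
            if st["Effect"] == "Deny":
                return False          # an explicit Deny always wins
            allowed = True
    return allowed

def uncovered_actions(policies, needed):
    """Actions from `needed` that the combined policies do not grant."""
    return [a for a in needed if not is_allowed(policies, a)]

# Constructed sample policies (not copies of any AWS managed policy).
EC2_ONLY = {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow", "Action": "ec2:*", "Resource": "*"}]}
NO_TERMINATE = {"Version": "2012-10-17",
                "Statement": {"Effect": "Deny",
                              "Action": ["ec2:TerminateInstances"],
                              "Resource": "*"}}

# Assumed action list for illustration; replace with the actions named in your
# own authorization errors.
NEEDED = ["ec2:DescribeInstances", "ec2:DescribeRegions",
          "elasticloadbalancing:DescribeLoadBalancers", "ec2:TerminateInstances"]

if __name__ == "__main__":
    for action in uncovered_actions([EC2_ONLY, NO_TERMINATE], NEEDED):
        print("not granted:", action)
```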


That completes adding the AWS endpoint.