Tag Archives: VMware Cloud on AWS

What’s New for the VMware Cloud on AWS Module

PowerCLI 11.5 was a big release for several reasons. One of those reasons is the introduction of some new cmdlets for use with the VMware Cloud on AWS service! These cmdlets are all high-level, which allows us to interact with our SDDCs in a much easier fashion than before.

The new cmdlets in the VMC module are:

  • Get-VmcSddc
  • Set-VmcSddc
  • New-VmcSddc
  • Remove-VmcSddc
  • Add-VmcSddcHost
  • Remove-VmcSddcHost
  • Get-AwsAccount
  • Get-AwsVpcSubnet

Let’s walk through how to use these within your own VMware Cloud on AWS Organization, as we manage each part of an SDDC’s lifecycle.

Creating New 1 Host SDDC

The first cmdlet we’ll walk through is the one which creates a new SDDC, New-VmcSddc. This cmdlet requires fairly minimal information such as SDDC name, AWS region, and how many hosts the SDDC should have. We can also specify the management subnet CIDR as a parameter, but that parameter is optional.

One big item of note: at the time of the PowerCLI 11.5 release, it can only provision one-host SDDCs without an AWS account being linked. We do plan to improve the cmdlet in a future release to support all SDDC deployment configurations.

Here’s an example of creating a VMware Cloud on AWS single host SDDC where we don’t link an AWS account:

Example: Creating a new 1-host SDDC

Creating New 3-Host SDDC

We can also create a standard SDDC, with 3 hosts or more, which requires that an AWS account be linked. There are two new cmdlets which simplify this process from more than 10 lines of code down to 2 lines.

The first thing we’ll need to obtain is the AWS account we’ll be using. That information can be found with the following command:

Example: listing out an AWS account

We’ll store that output in a variable and move on to the next step, which is to pick out our desired AWS VPC subnet. We can use a single cmdlet to do this; however, we will need to reference the AWS account and the region in which the VPC should reside.

We can find the available VPC subnets with the following command:

Example: List available AWS VPC subnets

At this point, we have all the information needed to create our SDDC. With some minimal updates to the command from the previous section, we can create a new 3-host SDDC, have it linked to our AWS account, and have it use our requested VPC subnet with the following code:

Example: New SDDC - 3 Hosts
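The three steps above as one guarded function, added here as an example and not the original post's code. The function name, the region value, the SDDC name and the `Name` property used in the subnet filter are assumptions; confirm the cmdlet parameters with Get-Help in your installed PowerCLI version.

```powershell
# Added example (not from the original post). Assumes an active Connect-Vmc
# session and PowerCLI 11.5 or later. New-LinkedSddc is a hypothetical helper.
function New-LinkedSddc {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$Region,
        [Parameter(Mandatory)][scriptblock]$SubnetFilter,
        [int]$HostCount = 3
    )

    if ($HostCount -lt 3) {
        throw "This helper is for standard SDDCs of 3 hosts or more; got $HostCount."
    }

    # Refuse to reuse a name: look-alike SDDCs invite removing the wrong one later.
    if (Get-VmcSddc -Name $Name -ErrorAction SilentlyContinue) {
        throw "An SDDC named '$Name' already exists in this Organization."
    }

    # Step 1: the AWS account. Stop if the choice is ambiguous.
    $awsAccount = @(Get-AwsAccount)
    if ($awsAccount.Count -ne 1) {
        throw "Expected exactly one AWS account, found $($awsAccount.Count)."
    }

    # Step 2: exactly one VPC subnet in the requested region.
    $subnet = @(Get-AwsVpcSubnet -AwsAccount $awsAccount[0] -Region $Region |
                Where-Object $SubnetFilter)
    if ($subnet.Count -ne 1) {
        throw "Subnet filter matched $($subnet.Count) subnets; it must match exactly one."
    }

    # Step 3: create the SDDC, honouring -WhatIf and -Confirm.
    if ($PSCmdlet.ShouldProcess($Name, "Create $($HostCount)-host SDDC in $Region")) {
        New-VmcSddc -Name $Name -Region $Region -HostCount $HostCount `
            -AwsAccount $awsAccount[0] -AwsVpcSubnet $subnet[0]
    }
}

# Rehearse with -WhatIf before the real run (all values are placeholders):
# New-LinkedSddc -Name 'Example-SDDC' -Region 'US_WEST_2' `
#     -SubnetFilter { $_.Name -eq 'example-subnet' } -WhatIf
```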

Viewing SDDC Information

We’ve created two SDDCs in the prior sections; now it’s time to find out what information about each of these SDDCs is available. The Get-VmcSddc cmdlet will turn several lines of API interaction into a single line.

We can find out some basic information about our newly created SDDCs with the following command:

Example: List SDDCs

The above shows some great high-level information. However, if you’ve seen the API response, there’s a lot more information available to us. We can find some additional information about a particular SDDC by piping that command to Format-List. An example:

Example: Detailed SDDC View

The above example shows some important information, such as AWS region, how many hosts the SDDC has, what version the SDDC is on, and even the URL to reach the vCenter server. One thing you may notice is missing, though: ExtensionData! This property, and all the information it provides us, is not available at this point in time. We hope to add it in a future release.

In the meantime, you can take the information provided here and simplify the process to retrieve the rest of the properties which make up the SDDC object from the API level. An example to do that is as follows:

Example: Retrieving all the SDDC information from the API

Host Capacity Management

One of the amazing parts about a service such as VMware Cloud on AWS is that we can add and remove ESXi hosts to our SDDC in a matter of minutes! We now have two cmdlets to make the management of our ESXi hosts as simple as a one-liner.

We can add a single new host to our SDDC with the following command:

Example: Add a new host to the SDDC

Similarly, we can also remove a single host from our SDDC with the following command:

Example: Removing a host from a SDDC

In the above examples you’ll also notice the flexibility of several different input methods for each command, whether that be variables or even the pipeline.

Removing SDDCs

Completing the lifecycle management of an SDDC is the removal of our created SDDC. Much like the prior create and retrieve cmdlets, we also have a cmdlet to delete an SDDC.

We can now remove our SDDC with the following command:

Example: Remove SDDC

More Updates

There are a couple other cmdlets worth discussing when it comes to using PowerCLI with VMware Cloud on AWS. One of the more popular requests was to rename an SDDC. This was recently enabled through the API and PowerCLI can also make this change in a high-level cmdlet.

We can update the name of our SDDC with the following command:

Example: Update the name of an SDDC

An existing cmdlet was also updated to help us out when it comes to retrieving, and even reporting on, tasks within our Organization. Get-Task now supports these VMC-based tasks. If you’ve had a chance to view the tasks for any given Organization, you’ll know that, unlike vSphere tasks, they are available for quite a long time, so the output could be longer than expected.

We can retrieve the tasks of our Organization with the following command:

Example: Retrieve tasks

Each of these tasks is an object, so we can take one of those tasks and expand the available properties with Format-List by using the following command:

Example: List additional properties of a task


The release of PowerCLI 11.5 added a ton of functionality when it comes to VMware Cloud on AWS. We can manage the entire lifecycle of an SDDC with high-level cmdlets. We can also pull task-based information from an existing cmdlet!

Update to the latest version of PowerCLI with the following command:
Example: Update to PowerCLI 11.5.0

Let us know in the comments what cmdlets we should be adding next!

Automating VMware Cloud on AWS SDDC Cluster Lifecycle

VMware Cloud on AWS has the ability to add new clusters to an existing SDDC. This is most useful for workload separation. A cluster could be specified as the failover resource, a development environment, and so forth. However, as of Version 1.6, there’s a new reason to add new clusters to an SDDC: custom core counts! The ability to control the CPU count for hosts in a cluster is extremely important when it comes to running mission-critical applications that happen to be licensed per-core. Even better, it is extremely easy to automate the lifecycle of a cluster with PowerCLI.

Let’s check out some examples of how we can manage clusters within the VMware Cloud on AWS service.

Environment Setup

As part of this blog, I will be using a previously deployed SDDC and will begin by working with the low-level VMC module to perform these tasks. We will start by opening a PowerShell session and authenticating to the VMware Cloud on AWS service with our API Token. Then, we need to identify a couple services to use. These services will be the following:

  • com.vmware.vmc.orgs
  • com.vmware.vmc.orgs.sddcs
  • com.vmware.vmc.orgs.sddcs.clusters
  • com.vmware.vmc.orgs.tasks

One last setup requirement: we will need to grab IDs for the Organization and SDDC which we’ll be working with.

We can summarize the above criteria with the following code:

If any of these commands seem foreign, please check out the following blog post for more information: Getting Started with the VMware Cloud on AWS Module

SDDC Cluster Service Overview

We will be using the SDDC Clusters service, and therefore the sddcClusterSvc variable. In order to discover the actions we can perform with the Clusters service, we will take the output from the sddcClusterSvc variable and pipeline that into the Get-Member cmdlet:

Sample: Getting additional information from the SDDC Cluster Service

Here we can see that there are two methods available, create and delete. As part of this blog post, we will walk through the usage of these two methods in the following sections. However, there’s a method or two that are missing, get and list. We can pull that information directly from the get method on the SDDC itself. The cluster information is available by referencing the resource_config property, then the clusters property.

To pull out some basic cluster information, we can use the following command:

Example: Pulling output from the SDDC response about only the clusters

Cluster Creation

For the first example, we have been tasked with creating a new cluster within our SDDC.

In order to populate the parameters for the create method, we will make use of the Help property for the SDDC Cluster service stored in the sddcClusterSvc variable. We can identify all of the parameters required for the create method, including an Org ID, SDDC ID, and the cluster configuration specification, with the following command:

Example: Output from Help for the Create method

We already have our Org ID and SDDC ID stored in a variable. Next, we need to create a cluster config spec for the new cluster. If we take the prior command and append the ‘cluster_config’ property, we can view all of the properties available to populate the spec. Then, by again using ‘Get-Member’, we can see that the cluster_config has a method of create which we can use to create the object for that particular specification.

Example: Establishing the contents for the Cluster Config spec

We’ll then store the spec in a variable named sddcClusterCreateSpec. Based on the prior screenshot, there’s only one required property. This property is for the desired number of hosts for the new cluster. We’ll populate that property with a value of ‘1’, then run our create method to start the creation of the new cluster.

Example: Creating a new cluster with 1 host

Putting the above together, we can create a new cluster with a single host using the following code:

If we login to the VMware Cloud on AWS Cloud Console, we should see the following in our SDDC’s Summary tab:

Example: SDDC Cluster Deployment

Cluster Creation – Custom Core Count

For the second example, we have been tasked with creating another new cluster within our SDDC. However, this time, we only want a specific core count to be available. We will use our prior example and add on to the specification by setting host_cpu_cores_count to a value of 8, 16, 36, or 48, depending on the host type. We can do this by adding the following command to the existing workflow:

Putting the prior example together with the above command, we can create a new cluster with a single host that’s been configured with a CPU core count of 8 using the following code:

Example: Creating a new cluster with 1 host and only 8 CPU cores per host

Cluster Removal

For the third example, we have been tasked with deleting the first cluster we created, Cluster-2. Making use of the Help property from the SDDC Cluster service, we can run the following command to find out what parameters the delete method requires:

Example: Output from Help for the Delete method

We can see that we have three parameters to enter: Org ID, SDDC ID, and Cluster ID. We still have the first two stored in variables, so we need to obtain the Cluster ID. If we remember back to the SDDC Cluster Service Overview section, there’s no list or get methods for the SDDC Cluster service. Therefore, we need to refresh our sddc variable and return back the updated list of clusters to obtain the ID. We can do that with the following commands:

We will then store the cluster information for only Cluster-2, by filtering the cluster_name property with a where statement and storing it in a variable by the name of cluster. Then, we’re ready to run the delete method. We can do that with the following commands:

Example: Deleting a cluster from an SDDC

Putting the above together, we can delete the newly created Cluster-2 with the following code:
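The cluster workflow from this post (list, create with an optional core count, delete by name) as an added example, not the original post's code. The function names and 'Example-SDDC' are assumptions, and the delete refuses to run unless the name resolves to exactly one cluster.

```powershell
# Added example, not the original post's code. Assumes Connect-Vmc has already run.
$orgSvc         = Get-VmcService -Name com.vmware.vmc.orgs
$sddcSvc        = Get-VmcService -Name com.vmware.vmc.orgs.sddcs
$sddcClusterSvc = Get-VmcService -Name com.vmware.vmc.orgs.sddcs.clusters

# Resolve the SDDC by name; 'Example-SDDC' is a placeholder.
$org  = $orgSvc.list() | Select-Object -First 1
$sddc = @($sddcSvc.list($org.id) | Where-Object { $_.name -eq 'Example-SDDC' })
if ($sddc.Count -ne 1) { throw "Expected one SDDC named 'Example-SDDC', found $($sddc.Count)." }
$sddc = $sddc[0]

function Get-SddcClusterList {
    # The clusters service has no get or list method, so re-read the SDDC each time.
    param($OrgId, $SddcId)
    $sddcSvc.get($OrgId, $SddcId).resource_config.clusters
}

function New-SddcCluster {
    param($OrgId, $SddcId, [int]$HostCount = 1, [int]$CoresPerHost)
    $spec = $sddcClusterSvc.Help.create.cluster_config.Create()
    $spec.num_hosts = $HostCount
    if ($PSBoundParameters.ContainsKey('CoresPerHost')) {
        # Values named in the post; which ones apply depends on the host type.
        if ($CoresPerHost -notin 8, 16, 36, 48) {
            throw "host_cpu_cores_count must be 8, 16, 36 or 48; got $CoresPerHost."
        }
        $spec.host_cpu_cores_count = $CoresPerHost
    }
    $sddcClusterSvc.create($OrgId, $SddcId, $spec)   # returns a task object
}

function Remove-SddcClusterByName {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param($OrgId, $SddcId, [Parameter(Mandatory)][string]$ClusterName)
    # Refresh the cluster list, then require an exact, unique name match.
    $match = @(Get-SddcClusterList $OrgId $SddcId |
               Where-Object { $_.cluster_name -eq $ClusterName })
    if ($match.Count -ne 1) {
        throw "Cluster name '$ClusterName' matched $($match.Count) clusters; nothing deleted."
    }
    if ($PSCmdlet.ShouldProcess($ClusterName, 'Delete SDDC cluster')) {
        $sddcClusterSvc.delete($OrgId, $SddcId, $match[0].cluster_id)
    }
}

# Usage:
# Get-SddcClusterList $org.id $sddc.id | Select-Object cluster_name, cluster_id
# New-SddcCluster $org.id $sddc.id -HostCount 1 -CoresPerHost 8
# Remove-SddcClusterByName $org.id $sddc.id -ClusterName 'Cluster-2' -WhatIf
```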

VMC Community Module Update

Another option to perform the above tasks is with the VMware.VMC community module, which is available on the PowerCLI Community Repository as well as the PowerShell Gallery. I have updated the module to include the following advanced functions:

  • Get-VMCSDDCCluster
  • New-VMCSDDCCluster
  • Remove-VMCSDDCCluster

The only difference between the above sections and these functions is that these functions expect names instead of IDs as input. Otherwise, they work exactly as you would expect. An example of them in use:

Example: Using the SDDC Cluster functions from the VMware.VMC module


VMware Cloud on AWS based SDDCs can contain multiple clusters, which is beneficial for a couple of reasons. First, workload separation. A cluster could be specified as the failover resource, a development environment, and more. Second, and new as of Version 1.6, these clusters can be deployed with a specific number of CPU cores. This control is certainly important when it comes to running mission-critical applications that happen to be licensed per-core. All of the cluster actions are available via the VMware Cloud on AWS APIs, and therefore PowerCLI as well! This blog post walked us through how to identify the deployed clusters, deploy new clusters, and remove clusters which are no longer needed.

Let us know in the comments how you’re making use of additional clusters in your automation workflows!

Getting Started with the VMware Cloud on AWS Module

VMware Cloud on AWS is a new on-demand service that enables you to run applications across vSphere-based environments plus access to a broad range of AWS services. PowerCLI already helps to automate your VMware Cloud on AWS tasks! This includes tasks such as creating SDDCs, adding or removing ESXi hosts, managing firewall rules, and so forth.

The VMware Cloud on AWS (VMC) module was released as a low-level, API access only, module and will feature the following cmdlets:

  • Connect-VMC
  • Disconnect-VMC
  • Get-VmcService

Let’s take a look at how we can get started using this new module.

Getting Started

When getting started with the VMC module, we’ll notice immediately that it has a slightly different authentication process than the other PowerCLI connection cmdlets. This module requires that you first acquire the OAuth Refresh Token from the VMware Cloud Console:
Example: VMware Cloud on AWS Console - OAuth Refresh Token

Copy the refresh token, open a new PowerShell session, and connect to the VMC service with the following command:

Now that we are connected, let’s start by doing some discovery. The more you work with this module, and the VMC API as a whole, the more you’ll notice the need to be able to easily recall the organization (Org) ID. Therefore, let’s start by looking into how we can discover information about our org. First, we want to figure out what the service is itself with the ‘Get-VmcService’ cmdlet. Notice that we can use the standard PowerShell filtering and wildcard usage to help make the discovery process a bit simpler. Example code:

Next, we’ll make use of the ‘Get-Member’ cmdlet which will show us the available properties and methods for each issued command. We can pipeline the return from the ‘com.vmware.vmc.orgs’ service to the ‘Get-Member’ cmdlet and discover there’s a ‘Get’ and a ‘List’ method available. Since we don’t have any current information about the Orgs within this environment, we’ll opt for the ‘List’ method. Example code:

Example: Service and Org Discovery

Now that we have our org information, the next thing we will want to discover is information about the org’s SDDC. That information can be found with the following commands:

Example: SDDC Discovery

Notice, there’s quite a bit of information to parse through. Let’s look at a simple way to pull out some information about the SDDC’s ESXi hosts. Example code:

Example: ESXi Host Information
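The connection and discovery steps above in one session, added here as an example and not the original post's code. It prompts for the refresh token instead of typing it on the command line, so the token stays out of scripts and shell history; the selected property names come from the VMC API objects and should be checked with Get-Member.

```powershell
# Added example (not from the original post).
# Prompt for the refresh token so it is never written into a script or command history.
$secureToken = Read-Host -Prompt 'VMC OAuth refresh token' -AsSecureString
$plainToken  = [System.Net.NetworkCredential]::new('', $secureToken).Password
try {
    Connect-Vmc -RefreshToken $plainToken | Out-Null
}
finally {
    # Drop the plaintext copy from the session as soon as the connection attempt ends.
    Remove-Variable -Name plainToken
}

# Service discovery: wildcards narrow the list of available services.
Get-VmcService -Name 'com.vmware.vmc.orgs*'

# Org discovery: inspect the service, then call its List method.
$orgSvc = Get-VmcService -Name com.vmware.vmc.orgs
$orgSvc | Get-Member
$org = $orgSvc.list() | Select-Object -First 1
$org | Select-Object display_name, id

# SDDC discovery for that org.
$sddcSvc = Get-VmcService -Name com.vmware.vmc.orgs.sddcs
$sddcs   = $sddcSvc.list($org.id)
$sddcs | Select-Object name, id, sddc_state

# ESXi host information for each SDDC.
foreach ($sddc in $sddcs) {
    $sddc.resource_config.esx_hosts |
        Select-Object @{ Name = 'sddc'; Expression = { $sddc.name } },
                      name, hostname, esx_state
}

# End the session when finished so the access token is not left live in the shell.
# Disconnect-Vmc -Confirm:$false
```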

VMware Cloud on AWS uses NSX under the covers to provision all of the networking. Therefore, we will also want to have an understanding of the Edge nodes that are available in the environment. This information is actually in a separate service. Remembering what we’ve done previously, here’s some example code to discover some basic information about the SDDC’s Edge nodes:

Example: NSX Edge Discovery

Another good area to be aware of in your SDDC is the firewall rules. These are also easily retrievable through the ‘Get-VmcService’ cmdlet. Example of the firewall rules associated with the edge-2 node:

Example: Firewall Rule Discovery

Last example, let’s do something exciting! How about we automate the creation of an SDDC? This is going to require quite a bit of what we’ve learned so far, plus some new tricks. We can find the ‘Create’ method against the com.vmware.vmc.orgs.sddcs service. We see that input requires the Org ID and an ‘sddc_config’ input. This is where it gets tricky.

If we remember back in the PowerCLI 6.5.3 release, there was the addition of the ‘Create’ method to a couple of cmdlets. This method is also available with the ‘Get-VmcService’ cmdlet. The whole point of this method is to allow us to create a specification in an easy manner. For this example, we reference the ‘sddcSvc’ variable, the ‘Help’ property, then the create property. This shows us a property of ‘sddc_config’. This is the specification we’ll need to use. The ‘sddc_config’ property has this ‘Create’ method available so we can automatically build out the specification. Pretty simple, right?

We’re not quite done yet, though. Each SDDC can have multiple VPC subnets. Therefore, we also need to populate the spec’s customer_subnet_ids list object with the ‘Add’ method.

Example code:

Example: SDDC Creation

The output above from our last create method is a task object. There’s a service for those too! Since the call we made is asynchronous, you can also have a bit of fun and build a progress checker as well!

Here’s some example code I tossed together while waiting on the SDDC to deploy:

Example: SDDC Creation Progress Output


VMware Cloud on AWS is a fantastic new service that enables you to run applications across vSphere environments as well as accessing a broad range of AWS services. Within this service, PowerCLI is one of the best ways to automate your VMware Cloud on AWS tasks! In this blog post we covered how to discover the available services, explore what methods are available as actions against each of those services, and how to start interacting with those services. We obtained detailed information about our organization, that org’s SDDC and its accompanying configuration including firewall rules, and then had some fun while deploying a brand new SDDC!

Check PowerCLI’s functionality in your own VMware Cloud on AWS environment today and let us know your feedback!