VMware Cloud on AWS GovCloud

What’s New in VMware Cloud on AWS GovCloud (US) - May 2023

VMware Cloud on AWS GovCloud (US) is a jointly engineered secure, scalable cloud service that brings VMware’s Software-Defined Data Center software to the AWS GovCloud (US) regions.  

Each new year brings an opportunity to listen to our public sector customers and delight them with VMware Cloud on AWS GovCloud (US) capabilities that meet the stringent security requirements and help customers make an impact at work every day. For example, VMware Cloud on AWS GovCloud (US) achieved two significant certifications in the past year: FedRAMP High JAB P-ATO (Provisional Authorization to Operate) and DoD (Department of Defense) IL5 (Impact Level 5). We also added support for VMware HCX to enable seamless application migration and workload rebalancing across data centers and cloud. 

With the latest release this quarter, I’d like to share more new features and capabilities we delivered in VMware’s Fiscal Q1 2024: 

SDDC Groups and VMware Transit Connect Support: VMware Cloud on AWS GovCloud (US) now supports two key networking capabilities: SDDC Groups and VMware Transit Connect. With SDDC Groups, government agencies can manage multiple SDDCs as a single logical entity, which simplifies SDDC management and operations. VMware Transit Connect provides high-bandwidth, resilient connectivity to SDDCs in an SDDC Group. It operationalizes an AWS Transit Gateway as a VMware-managed service for SDDC Groups, with automated provisioning and controls to interconnect SDDCs. It also simplifies connectivity to AWS VPCs and to on-premises data centers over an AWS Direct Connect Gateway. 

VMware Cloud on AWS GovCloud (US) Multiple Compute Gateway (Multi-CGW): The VMware Cloud on AWS GovCloud (US) Multi-CGW feature allows customers to create additional Compute Gateways or Tier-1 Gateways (CGWs) and manage the lifecycle of those CGWs. This feature supports the addition of static routes, route aggregation, filtering, local DHCP server, DNS forwarding, and NSX Traceflow. Multiple gateways help enable: 

  • Multitenancy within an SDDC, 
  • Overlapping IPv4 address space across CGWs, 
  • Support for static routes on customer managed CGW, 
  • Access to the connected VPC from customer managed CGW, 
  • Deployment of isolated network segments for Disaster Recovery (DR) testing, 
  • “Sandbox” environments. 

This feature is available for VMware Cloud on AWS GovCloud (US) SDDCs version 1.18 and higher. 

Route Aggregation for Advertisement Over Direct Connect & Transit Connect: Customers now have more control over which SDDC network segments and routes are advertised externally over AWS Direct Connect & VMware Transit Connect. These can be set via the NSX Manager UI and APIs. A customer can also define desired segments to advertise in a Prefix List and associate the Prefix List with a supported connectivity endpoint to advertise routes. The supported connectivity endpoints are Direct Connect, Transit Connect, and Connected VPC.  

This feature will be available for VMware Cloud on AWS GovCloud (US) SDDCs version 1.18 and higher. 

VMware Cloud on AWS GovCloud (US) Support for AD/LDAP: Customers can use Active Directory over LDAP/LDAPS, or OpenLDAP, as an external authentication method in VMware Cloud on AWS GovCloud (US).  This integration can also be used for assigning Cloud Service Portal (CSP), vCenter Server, and NSX Manager roles. This feature will be available for VMware Cloud on AWS GovCloud (US) SDDCs version 1.18 and higher. 

DNS FQDN Zones for Management Network: VMware Cloud on AWS GovCloud (US) supports the use of Fully Qualified Domain Name (FQDN) zones for Management Gateway traffic. This is specifically useful for multi-tenant customers who benefit from the ability to configure different DNS forwarding configurations. 

NSX Manager UI Enhancements: Extending the NSX Manager UI enhancements from SDDC version 1.16, VMware Cloud on AWS GovCloud (US) supports configuring the “Open NSX Manager” Cloud Console button to open either the public URL or private URL of the NSX Manager. This setting can be viewed and altered through the SDDC

VMware Site Recovery – Cloud to Cloud DR: VMware Site Recovery now supports cloud-to-cloud disaster recovery topology in VMware Cloud on AWS GovCloud (US). This allows public sector customers to deploy both active and failover sites as VMware Cloud on AWS GovCloud (US) SDDCs. For example, an active source can be in one AWS GovCloud (US) region with the failover target in another AWS GovCloud (US) region, with federated authentication enabled between Cloud vCenter Server and the VMware Cloud Services Console. This eliminates the need to maintain a traditional disaster recovery environment on-premises, and brings with it faster failover, better flexibility, and cost savings from the ability to scale environments up and down (elasticity). 

Support for VMware HCX 4.6: VMware HCX has achieved FedRAMP validation through the Joint Authorization Board (JAB), allowing public sector customers to migrate applications and workloads to and from VMware Cloud on AWS GovCloud (US) SDDCs with minimal or no downtime. 

VMware HCX also helps government agencies extend their on-premises and colocation site networks to VMware Cloud on AWS GovCloud (US), enabling seamless application migration and workload rebalancing across data centers and cloud. The FedRAMP authorization for VMware HCX bolsters the security of various VMware HCX components and provides a trusted and secure application mobility platform for the public sector digital transformation journey. With VMware HCX, organizations can perform bulk migrations, live migrations, and scheduled migrations, with the ability to define migration waves. VMware HCX version 4.6 is now available on VMware Cloud on AWS GovCloud (US). For more details about features included in this version, please see the VMware HCX release notes.

Elastic DRS Baseline Policy: Elastic DRS monitors the current demand on a VMware Cloud on AWS GovCloud (US) SDDC and maintains an optimal number of provisioned hosts to keep cluster utilization high while maintaining desired CPU, memory, and storage performance and capacity. The Elastic DRS baseline policy will add hosts to an existing SDDC if less than 20% free capacity is available on any vSAN cluster or if an Availability Zone failure occurs. The Elastic DRS baseline policy is always running and cannot be disabled, but it can be configured with additional Elastic DRS policies. 

3-Host SDDC Cluster Scale-down: VMware Cloud on AWS GovCloud (US) customers can scale down a cluster in their single availability zone SDDC from 3+ hosts to 2 hosts. Both primary and secondary clusters can be scaled down to 2 hosts. Once the scale-down is completed, the Elastic DRS (EDRS) Baseline policy will be enabled. This feature is useful when a cluster needs to scale up for seasonal or temporary spikes in demand and then scale down afterwards. 

Elastic DRS (EDRS) will continue to enforce vSAN slack space requirements, meaning that a 2-node cluster will scale up automatically to maintain proper levels of vSAN slack space (20% or more). If a host removal triggers an EDRS scale-up event, then the cluster cannot be scaled down to 2 hosts. Additionally, clusters with the custom CPU cores feature enabled and set to 8 CPU cores cannot be scaled down due to capacity constraints. 

Advanced Cloud Management – VMware Aria Automation and VMware Aria Operations now available for VMware Cloud on AWS GovCloud (US): VMware Cloud on AWS GovCloud (US) now supports VMware Aria Automation and VMware Aria Operations as add-on solutions that will help public sector agencies with advanced hybrid cloud management capabilities.   

VMware Aria Automation provides self-service IaaS consumption with governance for VMware Cloud on AWS GovCloud (US). It helps customers reduce the complexity of their IT environment, streamline IT processes, and deliver a DevOps-ready platform.  

VMware Aria Operations delivers self-driving IT operations management for private, hybrid cloud environments in a unified, AI-powered platform. Offering full-stack visibility from physical, virtual and cloud infrastructure – including VMs and containers – to the applications they support, VMware Aria Operations provides continuous performance optimization, efficient capacity and cost planning and management, app-aware intelligent remediation, and integrated compliance. 

Availability 

To view the latest status of features and release updates for VMware Cloud on AWS, visit: https://www.vmware.com/products/vmc-on-aws/govcloud.html.  

The following capabilities are available today: 

  • Support for key networking capabilities like SDDC Groups and VMware Transit Connect 
  • VMware Site Recovery with support for Cloud to Cloud DR 
  • Support for VMware HCX 4.6 
  • Multiple Compute Gateway (Multi-CGW) feature 
  • Route Aggregation for Advertisement Over Direct Connect & Transit Connect 
  • Support for AD/LDAP 
  • Support for DNS FQDN Zones for Management Network 
  • NSX Manager UI Enhancements 
  • Elastic DRS Baseline Policy 
  • 3-Host SDDC Cluster Scale-down 
  • Advanced Cloud Management for VMware Cloud on AWS GovCloud (US) through VMware Aria Automation and VMware Aria Operations 

Learn More 

For more information about VMware Cloud on AWS GovCloud (US), including pricing and how to get started, please visit https://www.vmware.com/products/vmc-on-aws/govcloud.html or contact your VMware or AWS sales team. 
