Terraform is an infrastructure provisioning tool from HashiCorp that has become synonymous with Infrastructure as Code. This tool allows us to define the desired state of our infrastructure by way of text-based configuration files. From that point, we can manage the entire life cycle of our infrastructure by modifying those files and running a couple of commands.
The Terraform provider for VMC on AWS can be used to configure hybrid cloud infrastructure using the resources supported by VMC on AWS. To use the provider, users need to obtain the authentication token from the Cloud Service Provider by providing the org-scoped API token. The provider client uses the Cloud Service Provider (CSP) API to exchange this org-scoped API token for a user access token.
The following arguments, each linked to its entry in the provider documentation, are used to configure the Terraform provider for VMC on AWS:
- api_token (https://registry.terraform.io/providers/vmware/vmc/latest/docs#api_token) (Required) – The API token is used to authenticate when calling VMware Cloud services’ APIs. This token is scoped within the organization.
- org_id (https://registry.terraform.io/providers/vmware/vmc/latest/docs#org_id) (Required) – Organization identifier.
- vmc_url (https://registry.terraform.io/providers/vmware/vmc/latest/docs#vmc_url) (Optional) – The VMC on AWS URL. Default: https://vmc.vmware.com.
- csp_url (https://registry.terraform.io/providers/vmware/vmc/latest/docs#csp_url) (Optional) – The Cloud Service Provider URL. Default: https://console.cloud.vmware.com.
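A provider block using the four arguments listed above, added here as an illustration and not taken from the original text. The variable names are assumptions. The org-scoped token is declared as a sensitive input variable so that it is supplied at run time rather than written into a configuration file.

```hcl
terraform {
  required_providers {
    vmc = {
      # Registry address taken from the documentation links above.
      source = "vmware/vmc"
    }
  }
}

# Org-scoped API token (variable name is an assumption for this example).
# Supply it at run time, for instance through the TF_VAR_api_token
# environment variable, so it is never committed to version control.
# sensitive = true keeps the value out of plan and apply output.
variable "api_token" {
  description = "Org-scoped API token generated in the VMware Cloud Console"
  type        = string
  sensitive   = true
}

# Organization identifier (variable name is an assumption for this example).
variable "org_id" {
  description = "Organization identifier"
  type        = string
}

provider "vmc" {
  # Required arguments.
  api_token = var.api_token
  org_id    = var.org_id

  # Optional arguments, shown with the defaults listed above.
  vmc_url = "https://vmc.vmware.com"
  csp_url = "https://console.cloud.vmware.com"
}
```

Because the provider exchanges this token for a user access token, the token carries whatever roles it was granted at creation, so scope it to the roles the Terraform run needs.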
Example
The VMware Cloud community has published code and several blogs on leveraging Terraform for infrastructure automation. Here is a three-part blog in which part 1 demonstrates how to leverage the Terraform AWS Provider along with the VMC Provider to create an Amazon VPC and other constructs including subnets, internet gateways, routing tables, security groups, and S3 endpoint gateways, among other things, as well as deploying a new VMware Cloud on AWS SDDC. In the second part, the VMC provider is used to create VMware Cloud on AWS SDDC Networking and Security constructs that include NSX Segments, Compute Inventory Groups, MGW, and CGW Firewall rules. In the final part, the Terraform VMC Provider is used to add a vCenter Content Library and use the VM templates from the Content Library to deploy virtual machines on the VMware Cloud on AWS SDDC, demonstrating the power of Terraform and how it can be used to automate VMware Cloud on AWS Day1 and Day2 operational tasks.
https://blogs.vmware.com/cloud/2022/07/06/vmware-cloud-on-aws-terraform-deployment-phase-2
https://blogs.vmware.com/cloud/2022/07/15/vmware-cloud-on-aws-terraform-deployment-phase-3
Leveraging PowerCLI for VMware Cloud on AWS
VMC on AWS allows customers to use a consistent platform between on-premises VMware environments and the cloud service. This also extends to automation tasks and workflows using PowerCLI, a set of Windows PowerShell modules for managing and automating vSphere. While most existing PowerCLI scripts should work as normal, some may require workarounds to function optimally with VMC on AWS. The workarounds can be found in several blog posts and can help prepare scripts for use with the service. The PowerCLI reference guide is available at https://developer.vmware.com/powercli.
vSphere Automation SDKs
vSphere Automation SDKs are essential tools when working with VMware Cloud. These software development kits (SDKs) provide a set of resources and libraries that simplify the integration and automation of vSphere-based operations within the VMware Cloud environment. The VMware Cloud on AWS service offers a couple of different RESTful APIs to interact with. The SDKs focus on the VMware Cloud on AWS (VMC) API, as well as providing the authentication method through the CSP API. The vSphere Automation SDKs are open source and can interact with the VMware Cloud on AWS service. These SDKs play a critical role in enhancing the capabilities and extensibility of VMware Cloud, enabling users to harness the full potential of their cloud infrastructure.
VMware provides a rich library of vSphere command-line interface, SDK, and API documentation. Learn about these resources and tools by visiting https://developer.vmware.com/home.
Summary
This chapter provided an overview of VMware APIs, which encompassed the Cloud Service Platform API, VMware Cloud API, and vSphere API. It guided you through the process of generating an API token directly from the VMware Cloud Console, and additionally explained how to effectively consume the Console API using the Developer Center. The chapter also provided a brief overview of the NSX-T Data Center REST API. Furthermore, it delved into the strategic use of Terraform for optimizing VMware Cloud on AWS. Finally, it touched upon the significance of vSphere Automation SDKs within the context of VMware Cloud on AWS.
In the next chapter, we will learn about VMware Cloud on AWS Outposts, a fully managed VMware Cloud experience that is tailored to meet the specific requirements of low latency and data residency use cases for customers looking to run VMware Cloud in their on-premises data centers or colocation facilities.