VMware Cloud on AWS APIs - Viewpoints from a VMware Cloud SA

Using the VMware Cloud on AWS APIs - Part 1

I have been working alot with the VMware Cloud on AWS API over the past couple months. It has been a great way for me to learn how APIs work, including authentication, documentation, structures, queries, JSON responses, and more. There are so many reasons to deploy infrastructure as code, including documentation purposes, predictability, reusability, and version control. There are many tools that can be used to interact with the API through the API Explorer, Postman, curl, The Python Client for VMware Cloud on AWS, or other tools.

I plan to document and post practical examples, calling out the specific variables and considerations.

For part 1 of this series, I have documented the process to authenticate to VMware Cloud on AWS API, get and manage the organization, account linking, and SDDC operations.

Authenticating to the VMware Cloud on AWS API

Calling APIs requires an API Token and you’ll need to navigate to the VMware Cloud on AWS portal and create a new API Token. Once you have an authorization token, you will have to periodically generate an access token in order to interact with the VMware Cloud on AWS APIs.

Get an Access Token with an Authorization token

Learning about the VMware Organization(s) structure

Your VMware account can be associated with one or several VMware Cloud services organizations. VMware Cloud uses organizations to provide controlled access to one or more services. To access a cloud service, you must belong to an organization.

Common Organization Commands

Account Linking Info

The account linking process is required for production SDDCs to create the Elastic Network Interface (ENI) connection between the VMC on AWS SDDC and the native customer VPC. The process includes running a CloudFormation Stack on the customer AWS account. Once the CF Stack is deployed, the VMC on AWS service has the ability to read the various VPCs in the account and the subnets built in the account.

Common Account Linking Commands

SDDC Operations

Once you have the appropriate organization information and the connected account linking parameters, we are ready to build a Software Defined Data Center (SDDC). One node SDDCs can be built without AWS account linking but would need to be done within 14 days of creation. For more information on the AWS account linking process, see: Account Linking and the VMware Cloud on AWS CloudFormation Template.

Common Organization Commands

Conclusion

Following these steps, a VMware Cloud engineer can leverage the APIs to perform all required operations in order to discover the organization information, create and manage account linking parameters, and build and manage an SDDC. In my next post i will discuss the capabilities to manage clusters in an SDDC.