vWorld

Virtualization and Cloud

Menu
  • Main Page
  • About
  • VCAP-CMA Deploy 2018
Menu

Cloud Accounts AWS / GCP / Azure

Posted on February 20, 2020February 20, 2020 by admin

In the last article you could read how to create a simple / sample blueprint is working on the next article about blueprints but before publishing it I would like to show you how to configure Cloud Accounts.

Although we associate vRealize mainly with VMware, from one console we can not only deploy VM on vCenter but also on AWS, GCP or Azure. Each of these clouds has their pros and cons, I decided to configure them all in my environment and try to test them, but in this article I will show you where to find the required data to configure Cloud Accounts

AWS

Based on Wikipedia

Amazon Web Services (AWS) is a subsidiary of Amazon that provides on-demandcloud computingplatforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. In aggregate, these cloud computing web services provide a set of primitive abstract technical infrastructure and distributed computing building blocks and tools. One of these services is Amazon Elastic Compute Cloud, which allows users to have at their disposal a virtualcluster of computers, available all the time, through the Internet. AWS’s version of virtual computers emulate most of the attributes of a real computer, including hardware central processing units (CPUs) and graphics processing units (GPUs) for processing; local/RAM memory; hard-disk/SSD storage; a choice of operating systems; networking; and pre-loaded application software such as web servers, databases, and customer relationship management (CRM).

as you can see AWS offer many possibilities to build virtual services and from Cloud Assembly perspective we also have big list for automation

To use AWS resources, we must connect the AWS Cloud Account. To do this, go to Infrastructure -> Connections -> Cloud Accounts

The connection requires us to provide two things besides the name from the AWS level

Access key ID – A unique identifier that’s associated with a secret access key. The access key ID and secret access key are used together to sign programmatic AWS requests cryptographically.

Secret Access Key – A key that is used in conjunction with the access key ID to cryptographically sign programmatic AWS requests.

after logging in to the console ( console.aws.amazon.com ) in the upper right corner will find the name of our account on the AWS website

we go to the My Security Credentials tab

from the level of Your Security Credentials in the Access keys subsection we can generate an AWS Cloud access key

After entering the data, we can choose which regions from the AWS website will be used by our vRA and automatically create a Cloud Zone from them

GCP

Based on Wikipedia

Google Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search and YouTube.[1] Alongside a set of management tools, it provides a series of modular cloud services including computing, data storage, data analytics and machine learning.[2] Registration requires a credit card or bank account details.[3]

Google Cloud Platform provides infrastructure as a service, platform as a service, and serverless computing environments.

From Cloud Assembly portal we have posibility to create machine and disk on platform

To use GCP resources, we must connect the GCP Cloud Account. To do this, go to Infrastructure -> Connections -> Cloud Accounts

We need to provide more details but Google provide us posibility to use JSON file with configuration which we can download from GCP console

but what we need to provide even in JSON file is

Project ID – The project ID organizes Google Platform resources including users and billing, authentication and monitoring information. You can locate the Google Platform project ID by navigating to the API console and selecting Manage all projects.

Private Key ID – The private key ID is required to communicate with Google Platform instance.

Private Key – The private key is required to communicate with Google Platform instance.

Client email

to grab all those details we need to go to the console console.cloud.google.com

In project which we have we need to go to IAM & Admin -> Service Account

we need to create Service acocunt

and when we have it we can create Key File in JSON File which we can import to our Cloud Assembly


We can import that Key to Cloud Assembly and same like on AWS

Azure

Based on Wikipedia

Microsoft Azure (formerly Windows Azure/ˈæʒər/) is a cloud computing service created by Microsoft for building, testing, deploying, and managing applications and services through Microsoft-managed data centers. It provides software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS) and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems.

For Azure vRA offer us a quite a big list of posibilities

To use Azure resources, we must connect the Azure Cloud Account. To do this, go to Infrastructure -> Connections -> Cloud Accounts

Azure account require from us the biggest list of information which we need to provide

Subscription ID – The subscription ID provides access to the resources in your individual Microsoft Azure account.

Tenant ID – The tenant ID is used by Active Directory to designate an endpoint for the applications you create in your individual Microsoft Azure accoun

Client Application ID – The client application ID is a unique identifier used to discover the resources for an application in your individual Microsoft Azure account.

Client application secret key – The client application secret key is paired with an application’s client application ID to ensure maximum security for the application in your individual Microsoft Azure account.

To grab all those details we need to go through few pages on portal.azure.com

Subscription ID we can find on our Subscription information

Tenant ID we can find on Azure Active Directory

In Same Active Directory but on sub tab App registration when we create net App we will have Client Application ID

The last element which we need to provide is Security Key which we can grab inside our App in sub tab Certificates & secrets

for Azure we also need to Add roles for this App in our env we need to go back to the Subscription and on sub tab Access Control IAM

we need to add a role assigment for example in Lab environment we can use owner

and thats all

we are able to use Cloud Regions from Azure.

Thanks for reading and see you on next…

Share with:

FacebookTwitterGoogleLinkedInEmail this page


Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Cloud Assembly – Menu Map
  • VMUG
  • VMworld 2020
  • vRA 7.x – Security Hardening
  • vRA8 API – Configure Infrastructure

Archives

  • December 2020
  • November 2020
  • September 2020
  • April 2020
  • March 2020
  • February 2020
  • November 2019
  • October 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • September 2018

Support Me

© 2021 vWorld | Powered by Superbs Personal Blog theme