Friday, November 7, 2014

AWS Managment Portal for vCenter Setup and Configuration Notes

I've been using the AWS Connector for vCenter to import VMs from our internal infrastructure to AWS EC2.  For the most part, the instructions provided by Amazon were pretty thorough.

http://docs.aws.amazon.com/amp/latest/userguide/introduction.html

I'm just wanted to point out some minor issues I ran across.

1. When entering your domain and user account information, confirm that the letter case is accurate.

2. Insufficient resources to satisfy configured failover level for vSphere HA - After deploying the AWS Connector OVA, I was unable to power on the VM.  To resolve this issue, remove the CPU and Memory Reservations (or increase Host resources to accommodate the reservations):

3. vCenter user "Domain\ADUser" does not have administrator privileges - During the AWS Connector setup process, I received the error below.  At this time, AWS does not support AD groups. 

Although the account I attempted to use was an Administrator of the vCenter server through the use of AD groups,  I had to explicitly add the account as an Administrator at the vCenter server level.  

4. Failed to retrieve information about domains and users from vCenter due to internal error - When trying to assign permissions through the AWS Managment Portal Plug-in I received the following error:


To resolve this issue, log in to the vSphere Client using the FQDN of the vCenter server:

5 comments:

  1. I'm stuck on the "vCenter user "Domain\ADUser" does not have administrator privileges" error. I am using the standard administrator@vsphere.local account. Could You please advise how to resolve this issue, what do You mean by "explicitly add the account as an Administrator at the vCenter server level"?

    ReplyDelete
    Replies
    1. Hi Janusz, I created a service account in AD specifically for AWS Connector purposes. Whenever possible, I like to use Domain Groups when applying permissions. However, at this time AWS does not support Domain groups. The AWS Connector AD account (ex. Domain\AWSAccount) was added at the vCenter level and given the Administrator Role. I have added a picture to the post for clarity.

      Delete
    2. Thank You. My mistake. The user was OK but i was trying to login with "username@domain" or simply "username" having this domain defined as default in web client. Finally i have tried with "Domain\USERNAME" and it works fine...

      Delete
    3. Awesome. Glad to hear everything is sorted.

      Delete
  2. Thanks for providing this informative information you may also refer.
    http://www.s4techno.com/blog/2015/12/24/aws-rds-in-sql-server-5-minute-deploy/

    ReplyDelete