Today, when you deploy a new SDDC on VMware Cloud on AWS (VMC), it is based on NSX-V by default, nothing ground breaking. However, customers also have the option to request an NSX-T based SDDC, which actually came as a surprise to a couple of folks who I spoke with at VMworld. Back in August, Early Access for NSX-T based SDDC was announced and customers can take advantage of the additional networking and security capabilities provided by NSX-T within VMC. Humair Ahmed who works over in our Networking & Security Business Unit has an excellent blog post here that goes into more details. If you are interested in an NSX-T based SDDC, please reach out to your local VMware account team for more information.
Upon first glance, you might think that this is the exact same version of NSX-T that we have been shipping to our on-premises customers but in fact, it is actually a brand new and improved version. Similar to vSphere (vCenter and ESXi) and VSAN, VMC is always running a newer version of our software than our on-prem customers. One immediate difference that you should be aware of when using NSX-T in VMC is that the current NSX-T API is not available and instead a new NSX-T Policy API has been introduced to help simplify the consumption of NSX-T. All functionality in the current on-prem NSX-T API can be consumed using the new Policy API.
At VMworld, I spoke to a number of current and upcoming customers with NSX-T based SDDCs and they were really interested in using the new NSX-T Policy API and as the title of this blog post suggests, this will be a quick primer on how to do that. Before we get started, confirm that you have an NSX-T based SDDC deployed. If you are not sure, there are a few ways to determine this using either the VMC Console UI or API, instructions can be found here and here.