Allow AWS region configuration for scanning in NSX CSM

Article ID: 336991

Products

VMware NSX
VMware NSX-T Data Center

Issue/Introduction

Symptoms:
  • The inventory sync of the account remains in progress for a long time.
  • After it finishes, there are no regions, VPCs or VMs listed in the CSM inventory.
A few scenarios where this can happen are:
  • The account added in CSM has IAM restrictions to certain regions.
  • An on-prem firewall restricts network access to certain geographical regions.


Environment

VMware NSX-T Data Center
VMware NSX

Cause

This issue occurs because NSX Cloud Service Manager (CSM) currently scans all AWS regions for the added cloud account.
This assumes that CSM has access to every region. If CSM cannot access any one region, for any reason, the inventory sync in CSM fails.

Resolution

To resolve this issue:

  1. Log in to the CSM shell as root.
  2. Edit the file /config/vmware/csm/awsconfig.properties.
  3. Add the new property shown below at the end of the file, with a comma-separated list of cloud region names as its value. After the restart in step 4, these are the only regions CSM will scan.

    aws.regions.use.specified.only=aws-region-1,aws-region-2

    Notes:

    If none of the configured region names match AWS regions, an error is logged and no scanning is done.
    If at least one region is configured correctly, it is scanned, and an error is logged for each of the other, invalid regions.
     
  4. Restart CSM by running this command:

    service nsx-cloud-service-manager restart
     
  5. After the CSM UI is up, trigger a sync for the account.
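
One way to script steps 2 and 3 so the region list is checked before it is written and the property appears exactly once at the end of the file. This is an added example, not VMware tooling: the function names and the region-name shape check are assumptions, and the check only catches malformed names, not well-formed names that do not exist in AWS.

```shell
#!/bin/sh
# Added example (not VMware code). PROP is the key from the article.
PROP='aws.regions.use.specified.only'
PROP_RE='aws\.regions\.use\.specified\.only'

# normalize_regions "us-east-1, us-west-2" prints "us-east-1,us-west-2".
# Returns 1 if the list is empty or any entry is not shaped like an AWS
# region name (assumed shape: two letters, one or more words, a number).
normalize_regions() {
    list=$(printf '%s' "$1" | tr -d '[:space:]')
    name='[a-z]{2}(-[a-z]+)+-[0-9]+'
    if ! printf '%s\n' "$list" | grep -Eq "^${name}(,${name})*\$"; then
        echo "malformed region list: '$1'" >&2
        return 1
    fi
    printf '%s\n' "$list"
}

# set_csm_regions FILE "region,region"
# Validates first, keeps FILE.bak, removes any earlier copy of the key and
# appends one line at the end. Writing with cat keeps FILE's owner and mode.
set_csm_regions() {
    file=$1
    regions=$(normalize_regions "$2") || return 1
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    cp -p "$file" "$file.bak" || return 1
    tmp=$(mktemp) || return 1
    # grep exits 1 when every line is filtered out; that is not an error here.
    grep -v "^[[:space:]]*${PROP_RE}[[:space:]]*=" "$file.bak" > "$tmp" \
        || [ $? -eq 1 ] || return 1
    printf '%s=%s\n' "$PROP" "$regions" >> "$tmp"
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Usage on the CSM shell, followed by the restart in step 4:
#   set_csm_regions /config/vmware/csm/awsconfig.properties "us-east-1,us-west-2"
```

A rejected list leaves the properties file untouched, so a typo in a region name is caught before the restart instead of surfacing later as a logged error.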