Firewall requirements in VMware Aria Operations for cloud proxy outgoing traffic
search cancel

Firewall requirements in VMware Aria Operations for cloud proxy outgoing traffic

book

Article ID: 343492

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

By default, VMware Aria Operations requests to Allow outgoing HTTPS traffic for cloud proxy over port 443 to all endpoints.  Alternatively, you can use the direct URLs outlined in this article to allow outbound traffic from Cloud Proxies for your VMware Aria Operations to required endpoints only.

Note: This article is applicable to both the on-prem and SaaS versions of VMware Aria Operations.

Environment

VMware vRealize Operations 8.6.x
VMware vRealize Operations 8.10.x
VMware Aria Operations 8.12.x

Resolution

To configure more restricted Firewall rules for outgoing traffic, ensure that the following endpoints are allowed depending on your environment requirements.

VMware Aria Operations (on-prem)

  • IP address or FQDN of all nodes in the VMware Aria Operations cluster.

 

VMware Aria Operations (SaaS) - Commercial Cloud

  • s3-us-west-2.amazonaws.com
  • *.gw.region-code.vrops-cloud.com
Note: Replace region-code with the correct region code(s) for your environment:
  • *.gw.us.vrops-cloud.com
  • *.gw.au.vrops-cloud.com
  • *.gw.de.vrops-cloud.com
  • *.gw.uk.vrops-cloud.com
  • *.gw.in.vrops-cloud.com
  • *.gw.sg.vrops-cloud.com
  • *.gw.br.vrops-cloud.com
  • *.gw.ca.vrops-cloud.com
  • *.gw.jp.vrops-cloud.com

 

VMware Aria Operations (SaaS) - Gov Cloud

  • *.gw.vrealize-gov.vmware.com
  • registry.vrealize-gov.vmware.com
 

In case the environment monitors VMC on AWS, VMC on Dell, GCVE and /or VCF Cloud Accounts, use the following endpoints.

Commercial Cloud Environments

  • console.cloud.vmware.com
  • vmc.vmware.com

Gov Cloud Environments

  • console.cloud-us-gov.vmware.com
  • www.vmc-us-gov.vmware.com