Hi,
When deploying an SDDC, a connected VPC and subnet is chosen and linked.
For creating native services in the Connected VPC (e.g., an S3 interface endpoint), do I need to create a new subnet in the same AZ so I do not consume IPs from the SDDC Connected subnet?
Thanks
While the subnet doesn't have to be reserved for the SDDC, it is best to dedicate one for it. There are certain constraints on the route tables and security groups being used.
The subnet for the SDDC shouldn't be too big; a /26 is recommended, but a /27 can be used as well.
More can be read here:
https://blogs.vmware.com/cloud/2019/10/03/selecting-ip-subnets-sddc/
Indeed, this is the key part:
"It is best not to modify these routes manually, and also a best practice to dedicate the selected subnet for the SDDC, by deploying any native services in different subnets within the VPC. For this reason, make sure to size the VPC sufficiently large to accommodate current and future AWS native workloads that will interact with the SDDC"
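A small address planner, added here as an example (not code from this thread, VMware, or the linked blog), that encodes the guidance above: the SDDC gets its own /26 (or /27) subnet, native-service subnets such as one for an S3 interface endpoint are carved from separate space in the same VPC, and the leftover blocks show how much headroom remains for future native workloads. The subnet names and sizes are assumptions for illustration.

```python
import ipaddress

# Allowed prefix lengths for the dedicated SDDC connected subnet, per the
# reply above: /26 recommended, /27 acceptable. /25 and larger are "too big".
SDDC_PREFIXES = (26, 27)


def _allocate(free, prefix):
    """First-fit: take a /prefix from the smallest free block that can hold it."""
    for blk in sorted(free, key=lambda n: -n.prefixlen):
        if blk.prefixlen <= prefix:
            free.remove(blk)
            if blk.prefixlen == prefix:
                return blk
            chosen = next(blk.subnets(new_prefix=prefix))
            free.extend(blk.address_exclude(chosen))  # return remainder to pool
            return chosen
    raise ValueError(f"VPC too small: no free block can hold a /{prefix}")


def plan_connected_vpc(vpc_cidr, sddc_prefix=26, service_subnets=()):
    """Carve a connected VPC into a dedicated SDDC subnet plus separate
    subnets for AWS native services (constructed names, e.g. "s3-endpoint").

    Returns (allocations: name -> IPv4Network, free: list of unused blocks).
    Raises ValueError if the SDDC subnet size is outside /26-/27 or the VPC
    cannot fit the requested subnets.
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    if sddc_prefix not in SDDC_PREFIXES:
        raise ValueError(f"SDDC subnet must be /26 or /27, got /{sddc_prefix}")
    free = [vpc]
    allocations = {"sddc": _allocate(free, sddc_prefix)}
    for name, prefix in service_subnets:
        allocations[name] = _allocate(free, prefix)
    return allocations, free


def is_disjoint(allocations):
    """True when no two planned subnets overlap (the SDDC keeps its own space)."""
    nets = list(allocations.values())
    return all(not a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


def headroom(free):
    """Addresses still unallocated for future native workloads."""
    return sum(blk.num_addresses for blk in free)


if __name__ == "__main__":
    allocs, free = plan_connected_vpc(
        "10.0.0.0/24", 26, [("s3-endpoint", 28), ("app", 27)])  # constructed
    for name, net in allocs.items():
        print(f"{name:12} {net}")
    print("disjoint:", is_disjoint(allocs), "headroom:", headroom(free))
```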