Create a Linux virtual machine in Amazon EC2 called Endpoint VM in your VPC to deploy applications using vCloud Application Director.

A vCloud Application Director appliance can work with multiple Endpoint VMs. However, an Endpoint VM can only be designated as an endpoint of an Amazon Region, VPC, and Availability Zone for a single vCloud Application Director appliance.

Verify that an Amazon AWS user account is set up.

Verify that a VPC is available as a target location in an Amazon Region for application deployments. See Configure Amazon EC2 Environment for vCloud Application Director.


Install one Endpoint VM in each VPC that you manage using vCloud Application Director.


Create an Amazon-based CentOS virtual machine on the external subnet.


Use either the amazon/ami-vpc-nat-1.0.0-beta.i386-ebs AMI or the amazon/ami-vpc-nat-1.0.0-beta.x86_64-ebs AMI.

The AMI is preconfigured to act as an IP masquerade device.


Use the EndpointAccess security group for this virtual machine.


Set an Elastic IP address for use in the VPC and assign the IP address to the Endpoint VM.


Use an OpenSSH client to log in to the Endpoint VM with the Elastic IP address and the private key.

 ssh -i PathToPrivateKeyFile ec2-user@ApplicationDirectorEndpointVM

In the CLI, open the /etc/ssh/sshd_config configuration file and add the GatewayPorts yes, ClientAliveInterval 30, and ClientAliveCountMax 3 lines.


(Optional) If outbound SSH is blocked by your corporate firewall, ask your firewall administrator to set 2222 as an alternative port for SSH traffic.

Add the line Port 2222 to the /etc/ssh/sshd_config configuration file.


Restart the SSH daemon.

sudo service sshd restart

Create an iptables rule to reroute the internal port 80 access to 8080.

sudo iptables -t nat -I PREROUTING --source 0/0 --destination internal-ip-address-of-endpoint-vm -p tcp --dport 80 -j REDIRECT --to-ports 8080

Log out of the Endpoint VM.

Set up a cloud tunnel for Amazon EC2 deployments to communicate with the vCloud Application Director server. See Create a Cloud Tunnel to Connect to Amazon EC2.
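
The sshd_config step above can be scripted. This is an added example, not part of the product documentation; the function names apply_endpoint_sshd_settings and demo are hypothetical, and the optional Port 2222 line is not covered. sshd uses the first value it reads for a keyword and treats lines after a Match line as conditional, so the script drops older global values and writes the three directives before the first Match block instead of appending them.

```shell
#!/bin/sh
# Added example (not from the product documentation).
# apply_endpoint_sshd_settings FILE
# Sets the three directives from the sshd_config step as global settings.
apply_endpoint_sshd_settings() {
    file=$1
    tmp=$(mktemp) || return 1
    awk -v settings="GatewayPorts=yes ClientAliveInterval=30 ClientAliveCountMax=3" '
        function emit(   i) {           # write the managed directives once
            if (done) return
            for (i = 1; i <= n; i++) print key[i], val[i]
            done = 1
        }
        BEGIN {
            n = split(settings, pair, " ")
            for (i = 1; i <= n; i++) {
                split(pair[i], kv, "=")
                key[i] = kv[1]; val[i] = kv[2]; want[tolower(kv[1])] = 1
            }
        }
        # Keyword of this line, lower-cased; sshd also accepts "Keyword=value".
        { k = tolower($1); sub(/=.*/, "", k) }
        # Lines after a Match line are conditional, so emit before the first one.
        k == "match" { emit(); in_match = 1 }
        # sshd uses the first value it reads: drop older global values.
        !in_match && (k in want) { next }
        { print }
        END { emit() }                  # no Match block: append at the end
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Overwrite in place so the file keeps its owner, mode and SELinux label.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Constructed sample configuration, used only to show the result.
demo() {
    sample=$(mktemp) || return 1
    printf '%s\n' '#GatewayPorts no' 'GatewayPorts no' 'ClientAliveInterval=0' \
        'PermitRootLogin no' 'Match User deploy' '    GatewayPorts no' > "$sample"
    apply_endpoint_sshd_settings "$sample" && cat "$sample"
    rm -f "$sample"
}
demo
```

On the Endpoint VM, call the function on /etc/ssh/sshd_config as root and check the result with sudo sshd -t before you restart the SSH daemon.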