Support Placement options for AWS #724

@kcbimonte

Is your feature request related to a problem? Please describe.

When deploying Ops Manager using Terraform or the normal AWS CLI, I can specify the tenancy option to place Ops Manager onto a dedicated instance / host. However, when using the om cli commands to manage the full lifecycle, I can't make Ops Manager sit on a dedicated instance without making the full VPC dedicated.

Describe the solution you'd like

Updating the AWS configuration section to include a placement property with the below information that allows for advanced configuration:

{
  "AvailabilityZoneId": "string",
  "Affinity": "string",
  "GroupName": "string",
  "PartitionNumber": integer,
  "HostId": "string",
  "Tenancy": "default"|"dedicated"|"host",
  "SpreadDomain": "string",
  "HostResourceGroupArn": "string",
  "GroupId": "string",
  "AvailabilityZone": "string"
}

Which would look something like the following:

---
opsman-configuration:
  aws:
    region: us-west-2
    vpc_subnet_id: subnet-0292bc845215c2cbf
    security_group_ids: [ sg-0354f804ba7c4bc41 ]
    key_pair_name: ops-manager-key  # used to SSH to VM
    iam_instance_profile_name: env_ops_manager

    # At least one IP address (public or private) needs to be assigned to the
    # VM. It is also permissible to assign both.
    public_ip: 1.2.3.4      # Reserved Elastic IP
    private_ip: 10.0.0.2

    # Optional
    # vm_name: ops-manager-vm    # default - ops-manager-vm
    # boot_disk_size: 100        # default - 200 (GB)
    # boot_disk_type: gp3        # default - gp2
    # instance_type: m5.large    # default - m5.large
                                 # NOTE - not all regions support m5.large
    # assume_role: "arn:aws:iam::..." # necessary if a role is needed to authorize
                                      # the OpsMan VM instance profile
    # tags: {key: value}              # key-value pair of tags assigned to the
    #                                 # Ops Manager VM
    # Omit if using instance profiles
    # And instance profile OR access_key/secret_access_key is required
    # access_key_id: ((access-key-id))
    # secret_access_key: ((secret-access-key))

    # security_group_id: sg-123  # DEPRECATED - use security_group_ids
    # use_instance_profile: true # DEPRECATED - will use instance profile for
                                 # execution VM if access_key_id and
                                 # secret_access_key are not set

    # placement_options:               # default - null
    #   tenancy: dedicated             # can only set default, dedicated, or host
    #   host_id: h-07879acf49EXAMPLE   # necessary if host auto placement is not set
    #   ... 

  # Optional Ops Manager UI Settings for upgrade-opsman
  # ssl-certificate: ...
  # pivotal-network-settings: ...
  # banner-settings: ...
  # syslog-settings: ...
  # rbac-settings: ...

The property itself would be empty to start and checked in the code. From there, only options that are populated would end up in the placement strategy param. Like the following:

aws ec2 run-instances \
    --image-id ami-0abcdef1234567890 \
    --instance-type t3.micro \
    --subnet-id subnet-abcdefgh123456789 \
    --key-name MyKeyPair \
    --placement "Tenancy=dedicated"

Describe alternatives you've considered

Since we rely on the Platform Automation Tasks and the om cli, we haven't considered other options other than receiving a waiver against the requirements.

Additional context

No response
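
The behaviour requested above (only populated `placement_options` fields reach `--placement`, and `tenancy` is limited to `default`, `dedicated`, or `host`), sketched as an added example that is not part of the original issue or of the om code base. The `PlacementOptions` struct, the `PlacementArg` function and the character check are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// PlacementOptions is a hypothetical struct mirroring the proposed
// placement_options YAML keys; it is not an existing om type.
type PlacementOptions struct {
	Tenancy          string
	HostID           string
	GroupName        string
	AvailabilityZone string
}

// PlacementArg builds the value for `aws ec2 run-instances --placement` from
// the populated fields only; ok is false when nothing is set (omit the flag).
func PlacementArg(p PlacementOptions) (arg string, ok bool, err error) {
	switch p.Tenancy {
	case "", "default", "dedicated", "host":
	default:
		return "", false, fmt.Errorf("placement_options.tenancy %q: must be default, dedicated, or host", p.Tenancy)
	}
	// Fixed order keeps the generated command stable and easy to audit.
	fields := []struct{ key, val string }{
		{"Tenancy", p.Tenancy},
		{"HostId", p.HostID},
		{"GroupName", p.GroupName},
		{"AvailabilityZone", p.AvailabilityZone},
	}
	var parts []string
	for _, f := range fields {
		if f.val == "" {
			continue
		}
		// Conservative check (assumption of this example): refuse values that
		// could alter the key=value,key=value shorthand or add extra keys.
		if strings.ContainsAny(f.val, ",= \t\"'") {
			return "", false, fmt.Errorf("placement_options %s: invalid character in %q", f.key, f.val)
		}
		parts = append(parts, f.key+"="+f.val)
	}
	return strings.Join(parts, ","), len(parts) > 0, nil
}

func main() {
	arg, ok, err := PlacementArg(PlacementOptions{Tenancy: "host", HostID: "h-07879acf49EXAMPLE"})
	fmt.Println(arg, ok, err)
}
```

Failing on an unknown `tenancy` value, rather than dropping it, keeps a typo from silently launching the VM on shared hardware when dedicated placement is a requirement.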
