Amazon EVS Overview

AWS Service VMware Cloud Foundation Bare-Metal VCF 5.2.2 Jointly engineered by AWS & Broadcom

1 What is Amazon EVS?

Amazon Elastic VMware Service (Amazon EVS) is a native AWS service that deploys and runs VMware Cloud Foundation (VCF) directly inside your own Amazon VPC on dedicated EC2 bare-metal instances. There is no shared infrastructure — you get the entire physical host, with full root access to every VMware component.

EVS was jointly engineered by AWS and Broadcom. AWS operates the physical infrastructure and provides L1/L2 support. Broadcom provides L3 support for VCF. You bring your own VCF subscription (BYOS) from Broadcom, and AWS bills separately for EC2 instances, Route Server endpoints, and the EVS control plane.

Key differentiator: Unlike VMware Cloud on AWS (VMC), Amazon EVS runs inside your own VPC with no AWS-managed intermediate layer. You own the VCF lifecycle — patches, upgrades, and Day 2 operations are managed by you or an AWS Partner.

Core value propositions

🔄 Migration continuity

Migrate workloads without changing IP addresses, retooling staff, or rewriting runbooks. Same vSphere and NSX tools you use today.

🎛 Full architectural control

Root access to ESXi, vCenter, NSX Manager, and SDDC Manager. Supports third-party solutions and custom configurations.

☁ 200+ AWS services

Direct access to native AWS services — S3, RDS, SageMaker, EKS, Lambda, Direct Connect — without data movement.

⚖ Flexible management

Self-managed or choose an AWS Partner for fully managed VCF operations. On-demand, 1-year, or 3-year subscription terms.

2 Architecture

The VCF stack on AWS

EVS deploys the full VMware Cloud Foundation stack automatically when you call CreateEnvironment. Every layer is configured and connected by EVS — no manual installation required.

🖥

Customer Workloads (VMs / Containers / Kubernetes)

Lift-and-shift · Dev/Test · DR · Modern Apps · AI workloads

⊕

VMware NSX-T — Overlay Networking

Tier-0 / Tier-1 gateways · Micro-segmentation · BGP uplinks to Route Server

▣

VMware vSphere (ESXi + vCenter) & vSAN ESA

Compute virtualization · Pooled NVMe storage (Express Storage Architecture)

⊞

SDDC Manager — Lifecycle Management

Patches · Upgrades · Domain management · Day 2 operations

⚙

EC2 i4i.metal — Dedicated Bare-Metal

128 vCPU · 1,024 GiB RAM · 30 TiB NVMe · 75 Gbps · Intel Xeon Ice Lake

↔

AWS VPC + VPC Route Server (BGP)

Dynamic routing between NSX overlay and VPC underlay · Route 53 · DHCP

Network architecture & VLANs

EVS automatically provisions dedicated VLANs for all VMware traffic inside the VPC. The VPC Route Server exchanges BGP routes between the NSX Tier-0 Edge nodes and the VPC route table, eliminating static route management entirely.

EVS Network Topology — VPC VLANs & BGP Routing Architecture Diagram

BGP routes from NSX Tier-0 Edge nodes propagate automatically to the VPC route table via the Route Server. No static routes required.

Shared responsibility model

AWS manages

Physical bare-metal hardware (EC2 i4i.metal)
AWS global network and VPC infrastructure
L1 / L2 support for EVS and EC2
Physical data center security
EVS control plane (CreateEnvironment API)
Hardware failure and replacement

Customer / Partner manages

VCF lifecycle — patches, upgrades, Day 2 ops
VM workloads, guest OS, application security
NSX network policies and micro-segmentation
VCF licensing (BYOS from Broadcom)
IAM roles and VPC access controls
Backup, DR configuration, data protection
Regulatory and compliance requirements

3 Use Cases

EVS supports every stage of the cloud journey — from burst capacity and DR to full data center migration and modern application platforms.

Cloud Extension & Data Center Expansion

Extend on-premises VMware infrastructure to AWS without re-architecting workloads. Ideal for seasonal demand spikes, data center consolidation mandates, and capacity expansion. HCX live migration moves VMs with no downtime and no IP address changes.

Disaster Recovery

Use EVS as a secondary DR site with fast RTO/RPO. VMware Live Site Recovery (SRM/VLSR) automates failover and failback. HCX L2 extension stretches networks between on-prem and AWS. Advanced Cyber Recovery (ACC) add-on provides ransomware protection with immutable backups.

Rapid Cloud Migration & Legacy Retirement

Migrate VMware workloads to AWS in days, not months — without changing IP addresses, retraining teams, or rewriting applications. HCX bulk migration handles large VM fleets. After migration, incrementally refactor applications to consume native AWS services.

VCF as a Service (CapEx → OpEx)

Shift VMware infrastructure from capital expenditure to a consumption model. On-demand, 1-year, or 3-year terms available. Choose self-managed operations or delegate to an AWS Partner managed service provider. Ideal for organizations with a board mandate to reduce data center footprint.

AI / Analytics & Modern App Platform

Keep data gravity on EVS while reaching native AWS AI/ML services (SageMaker, Bedrock) without data movement. VMware Kubernetes Service (VKS) runs containers natively alongside VMs. Data Services Manager (DSM) provides self-service databases on VCF.

4 Regional Availability

Amazon EVS is available in 19 AWS regions today. Additional regions are added on an ad-hoc basis each quarter. AWS GovCloud support is planned for Q3 2026.

US East (N. Virginia)

US East (Ohio)

US West (Oregon)

US West (N. California)

Canada (Central)

Canada West (Calgary)

Mexico (Central)

South America (São Paulo)

Europe (Frankfurt)

Europe (Ireland)

Europe (London)

Europe (Paris)

Europe (Milan)

Asia Pacific (Singapore)

Asia Pacific (Tokyo)

Asia Pacific (Sydney)

Asia Pacific (Mumbai)

Asia Pacific (Hyderabad)

Asia Pacific (Malaysia)

5 Features & Capabilities

Core platform

Feature	Status	Notes
VCF Version	✓ VCF 5.2.2	VCF 9.1 Q2 2026
Bare-Metal Instance	✓ i4i.metal	i7i / i7ie Roadmap
Hosts per Cluster	✓ 4 minimum, 16 maximum	32 hosts Q1 2026
Subscription Terms	✓ On-Demand · 1yr · 3yr	BYOS — bring your own VCF subscription
Customer Root Access	✓ Full root to all components	ESXi, vCenter, NSX, SDDC Manager
L1/L2 Support	✓ By AWS	L3 by Broadcom
AWS Transit Gateway	✓ Supported	Connect VPCs, Direct Connect, VPN
HCX Migration	✓ Included	Live migration · bulk migration · L2 extension
NSX Federation	✓ Available	AWS validation required for multi-site
External Datastore	✓ FSx ONTAP · Pure Storage	External storage as principal Roadmap
Hybrid Linked Mode	✓ Supported	Unified vCenter view across on-prem and EVS
Microsoft Licensing	✓ BYOL today	SPLA Q2 2026
Stretched Cluster (multi-AZ)	Not yet	Q3 2026
AWS GovCloud	Not yet	Q3 2026

VMware advanced services add-ons

Add-on	Status	Description
VCF Automation	✓ Included	Self-service catalog and orchestration
VCF Operations	✓ Included	vROps-based monitoring and analytics
vDefend (Advanced Firewall)	✓ Available	Distributed IDS/IPS and network detection & response
AVI (Advanced Load Balancer)	✓ Available	Software-defined load balancing with autoscaling
VMware Kubernetes Service (VKS)	✓ Available	Kubernetes natively alongside VMs on VCF
VLSR / SRM (Site Recovery)	✓ Available	Automated DR failover and failback orchestration
Data Services Manager (DSM)	✓ Available	Self-service database platform on VCF
NSX Federation	✓ Available	Multi-site NSX policy management
VCF Operations for Networks	✓ Available	Network observability and troubleshooting
Advanced Cyber Recovery (ACC)	Roadmap	Cyber vault with immutable backups Q2 2026

Getting started

Before running CreateEnvironment, AWS requires a specific set of VPC prerequisites to be in place. The vCloudOne prereq guide covers all 11 phases with step-by-step instructions, and the Terraform kit automates the AWS infrastructure deployment in under 5 minutes.

Next step: Use the EVS Prerequisite Guide to set up your VPC, Route 53, DHCP, Route Server, and IAM resources — then run the Prereq Validator to confirm your environment is ready before calling CreateEnvironment.