Better late than never: Cisco's software-defined networking platform ACI finally lands on AWS


If you need ACI in AWS or Azure, you're just doing it wrong

So... the year is 2019 and well... software defined is... um... in software.

ACI has one of the most horrible management and configuration systems ever to be presented on earth. It started off as a solution to support an "intelligent" means of partitioning services within data centers running VMware. This is because VMware really really needed it. VMware, even with NSX, is still networking like it's 1983. So companies invested heavily in ACI, which would allow them to define services based on port-groups and describe policies to connect the services together and even support service insertion.

Well, if you're in the 21st century and using Hyper-V, or far better yet, OpenStack and even better Docker/Kubernetes, all of these features are simply built in. In Docker Swarm mode, it's even possible to do all of this with full end-to-end encryption between all services. And since you can free up about 98% of your bandwidth from storage in a VM environment, you have lots of extra bandwidth and also extra CPU... and I mean LOTS of extra CPU... a well written FaaS function using 0.0001% of the resources that a similar routine on a VM would use... no exaggeration... that's the actual number... we measure resource consumption in micro-CPUs (as in one millionth of a CPU) as opposed to in terms of vCPUs when doing FaaS. For PaaS on Docker, we think in terms of milli-CPUs for similar functions.

So, we use all that idle CPU power for networking functions. And since we can truly micro-segment (not VMware NSX crap segmentation or ACI brainless segmentation), we can have lots of load balancers and encryption engines and firewalls, etc... and still not use a 100th of what ACI would waste in resources or a millionth of what it would waste in money.

The best solution a company can take in terms of the 21st century is to start moving their systems more and more to proper modern networking and virtualization rather than wasting all that money on trying to come up with ways of scaling even further up using solutions like ACI.

What's worse is that if you're considering using ACI in the cloud, what it says is that you think that none of the pretty damn awesome SDN solutions that are integral parts of the cloud provider's solution work. And instead you're willing to spend A LOT more money to add networking that doesn't do anything that their offerings don't but at least creates a bunch of new jobs for engineers who don't really understand how it works to begin with.

Having reviewed ACI in the cloud in extreme detail... the only thing I could come up with is "Why the hell would anyone want that?". I was just at a job interview with a major multi-national financial clearing house where they wanted to hire me as an architect to recover from their failed attempt at ACI... I explained that the first thing I'd do is delete ACI from the Nexus 9000 switches, upgrade to NX-OS (the legacy networking platform), set up layer-3 connectivity between nodes and use their OpenShift environment to manage the networking and handle all the software defined networking, as it's far better suited for it. They loved the idea... we could easily reduce the complexity of the networking infrastructure by a substantial amount. In fact, by using a simple layer-3 topology (all that's needed for real SDN, which operates entirely on tunnels over layer-3) we could cut costs on people and equipment by millions per year.

Cisco has spent the last 10 years trying to make new technologies which don't actually solve problems but add complexity and therefore errors and management headaches at up to 100 times the cost of their other solutions which are actually more suitable. And I really only wish I was exaggerating those numbers. ACI actually increases costs DRASTICALLY with absolutely no chance for return on investment.

On the other hand, if your company has a VMware data center and A LOT of VMs which will take years (if ever) to replace with intelligent solutions, I would recommend buying two small HyperFlex stacks (retail cost with VMware licenses and ACI, about $1.6 million minimum configuration) which should let you cut the operations overhead substantially... possibly down to 3-5 people... until you can move more and more systems off the legacy platform.
