To create a network profile, you make a POST request with a region ID associated with a cloud account.
A Cloud Assembly network profile describes the behavior of the network to be deployed. For example, a network might need to be Internet facing versus internal only. Networks and their profiles are cloud-specific.
The networks in this example are used for provisioning to existing or public networks.
If you are provisioning to a private network, or outbound networks with one-way access to upstream networks, you create a network profile with isolation enabled by either subnet or security group. See Create a Network Profile with Isolation.
If you want to add firewall rules to all machines provisioned with a network profile, you create a network profile with security groups. See Create a Network Profile with Security Groups.
Prerequisites
- Verify that all general prerequisites and prerequisites for the Cloud Assembly Infrastructure as a Service (IaaS) service have been satisfied. See Prerequisites for API Use Case Examples.
- Verify that you have the cloud account ID for the new cloud account that you added. See Adding Cloud Accounts.
Procedure
Example: Create a network profile
url='https://appliance.domain.com'
$ api_version='2021-07-15'
$ cloud_account_id='c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d'
Look up region IDs associated with the cloud account and in the external region ID us-east-1.
$ curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/regions/?apiVersion=$api_version&"'$filter'"=externalRegionId%20eq%20'us-east-1'%20and%20cloudAccountId%20eq%20'"$cloud_account_id"'" | jq "."
A snippet of the response shows the region ID.
...
"externalRegionId": "us-east-1",
"cloudAccountId": "c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d",
"id": "37d6c1acf4a8275586468873c739",
"updatedAt": "2022-04-02",
...
Assign the region ID.
$ region_id='37d6c1acf4a8275586468873c739'
Filter for fabric networks associated with the cloud account ID and in the external region ID us-east-1.
curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" $url/iaas/api/fabric-networks?apiVersion=$api_version | jq "."
A snippet of the response shows the fabric network ID for a public network that you can include in your network profile.
...
"isPublic": true,
"isDefault": true,
"cidr": "172.31.16.0/20",
"externalRegionId": "us-east-1",
"tags": [
{
"key": "vmware.enumeration.type",
"value": "ec2_subnet"
}
],
"cloudAccountIds": [
"c8c3c9bfdb449475-7f703c5265a63d87-f8e705d89b2569e1aac66c6d00bf4fc7ef4b1c44100f0e944af31eb8ba3d2a5a-5a45a4b9d5c72475575931611aa28",
"c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d"
],
"name": "subnet-0130834a",
"id": "d43efed364ef18755759316540e3f",
...
Select the IDs of fabric networks that you want to include in your profile and create a network profile named example-network-profile.
$ curl -X POST \
$url/iaas/api/network-profiles?apiVersion=$api_version \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $access_token" \
-d '{
"name":"example-network-profile",
"description":"Example Network Profile",
"regionId":"'$region_id'",
"fabricNetworkIds": [
"d43efed364ef18755759316540e3d",
"d43efed364ef18755759316540e3f"
],
"tags": [ { "key": "env", "value": "prod" } ]
}' | jq "."
A snippet of the response shows the network profile ID.
...
"name": "example-network-profile",
"description": "Example Network Profile",
"id": "9cb2d111c768927558f043ec13d70",
"updatedAt": "2022-04-02",
...
