To create a network profile, you make a POST request with a region ID associated with a cloud account.

A Cloud Assembly network profile describes the behavior of the network to be deployed. For example, a network might need to be Internet facing versus internal only. Networks and their profiles are cloud-specific.

For information on network profiles, see Learn more about network profiles in vRealize Automation.

The networks in this example are used for provisioning to existing or public networks. If you are working with on-demand or deployment networks, see Using the Network APIs.

If you are provisioning to a private network, or outbound networks with one-way access to upstream networks, you create a network profile with isolation enabled by either subnet or security group. See Create a Network Profile with Isolation.

If you want to add firewall rules to all machines provisioned with a network profile, you create a network profile with security groups. See Create a Network Profile with Security Groups.

Prerequisites

  • Verify that all general prerequisites and prerequisites for the Cloud Assembly Infrastructure as a Service (IaaS) service have been satisfied. See Prerequisites for API Use Case Examples.
  • Verify that you have the cloud account ID for the new cloud account that you added. See Adding Cloud Accounts.

Procedure

  1. Assign the cloud account ID variable.
    cloud_account_id='<your_cloud_account_id>'
  2. Look up regions associated with the cloud account ID and with the region name us-east-1.
    curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/regions/?apiVersion=$api_version&"'$filter'"=name%20eq%20'us-east-1'%20and%20cloudAccountId%20eq%20'"$cloud_account_id"'"  | jq "."
  3. Examine the response to find the ID for the region that you want.
  4. Assign the region ID variable.
    region_id='<your_region_id>'
  5. Filter for fabric networks associated with the cloud account ID and in the external region ID us-east-1.
    curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" $url/iaas/api/fabric-networks?apiVersion=$api_version&"'$filter='"externalRegionId%20eq%20'us-east-1'%20and%20cloudAccountId%20eq%20'$cloud_account_id'" | jq "."

    For details on how to construct a filter, see Filtering Resources by Region ID.

  6. Examine the response to find the IDs for the public networks that you want to include in your network profile.
  7. Create a network profile.
    curl -X POST \
      $url/iaas/api/network-profiles?apiVersion=$api_version \
      -H 'Content-Type: application/json' \
      -H "Authorization: Bearer $access_token" \
      -d '{
        "name":"<your-network-profile>",
        "description":"Example Network Profile",
        "regionId":"'$region_id'",
        "fabricNetworkIds": [
          "<network_id1_from_response>",
          "<network_id2_from_response>"
        ],
        "tags": [ { "key": "env", "value": "prod" } ]
      }' | jq "."
  8. To obtain the network profile ID, examine the response.
  9. Assign the network profile ID variable.
    network_profile_id='<your_network_profile_id>'
  10. (Optional) Look up the network profile you created with your network profile ID.
    curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" $url/iaas/api/network-profiles/$network_profile_id?apiVersion=$api_version | jq "."
    The response shows the name and ID for the network profile you created.

Example: Create a network profile

Assign the required variables including a cloud account ID.
url='https://appliance.domain.com'
$ api_version='2021-07-15'
$ cloud_account_id='c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d'

Look up region IDs associated with the cloud account and in the external region ID us-east-1.

$ curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/regions/?apiVersion=$api_version&"'$filter'"=externalRegionId%20eq%20'us-east-1'%20and%20cloudAccountId%20eq%20'"$cloud_account_id"'"  | jq "."

A snippet of the response shows the region ID.

...      
      "externalRegionId": "us-east-1",
      "cloudAccountId": "c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d",
      "id": "37d6c1acf4a8275586468873c739",
      "updatedAt": "2022-04-02",
...

Assign the region ID.

$ region_id='37d6c1acf4a8275586468873c739'

Filter for fabric networks associated with the cloud account ID and in the external region ID us-east-1.

curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" $url/iaas/api/fabric-networks?apiVersion=$api_version | jq "."

A snippet of the response shows the fabric network ID for a public network that you can include in your network profile.

...            
      "isPublic": true,
      "isDefault": true,
      "cidr": "172.31.16.0/20",
      "externalRegionId": "us-east-1",
      "tags": [
        {
          "key": "vmware.enumeration.type",
          "value": "ec2_subnet"
        }
      ],
      "cloudAccountIds": [
        "c8c3c9bfdb449475-7f703c5265a63d87-f8e705d89b2569e1aac66c6d00bf4fc7ef4b1c44100f0e944af31eb8ba3d2a5a-5a45a4b9d5c72475575931611aa28",
        "c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d"
      ],
      "name": "subnet-0130834a",
      "id": "d43efed364ef18755759316540e3f",
...

Select the IDs of fabric networks that you want to include in your profile and create a network profile named example-network-profile.

$ curl -X POST \
  $url/iaas/api/network-profiles?apiVersion=$api_version \
  -H 'Content-Type: application/json' \
  -H "Authorization: Bearer $access_token" \
  -d '{
    "name":"example-network-profile",
    "description":"Example Network Profile",
    "regionId":"'$region_id'",
    "fabricNetworkIds": [
      "d43efed364ef18755759316540e3d",
      "d43efed364ef18755759316540e3f"
    ],
    "tags": [ { "key": "env", "value": "prod" } ]
  }' | jq "."

A snippet of the response shows the network profile ID.

...          
  "name": "example-network-profile",
  "description": "Example Network Profile",
  "id": "9cb2d111c768927558f043ec13d70",
  "updatedAt": "2022-04-02",
...