To create a network profile, you make a POST request with a region ID associated with a cloud account.
A Cloud Assembly network profile describes the behavior of the network to be deployed. For example, a network might need to be Internet facing versus internal only. Networks and their profiles are cloud-specific.
The networks in this example are used for provisioning to existing or public networks.
If you are provisioning to a private network, or outbound networks with one-way access to upstream networks, you create a network profile with isolation enabled by either subnet or security group. See Create a Network Profile with Isolation.
If you want to add firewall rules to all machines provisioned with a network profile, you create a network profile with security groups. See Create a Network Profile with Security Groups.
Prerequisites
- Verify that all general prerequisites have been satisfied. See Prerequisites for working with the Cloud Assembly APIs.
- Verify that you have the cloud account ID for the new cloud account that you added. See Adding Cloud Accounts.
Procedure
Example: Create a network profile
url='https://appliance.domain.com'
$ api_version='2021-07-15'
$ cloud_account_id='c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d'
Look up region IDs associated with the cloud account and in the external region ID us-east-1.
$ curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" "$url/iaas/api/regions/?apiVersion=$api_version&"'$filter'"=externalRegionId%20eq%20'us-east-1'%20and%20cloudAccountId%20eq%20'"$cloud_account_id"'" | jq "."
A snippet of the response shows the region ID.
...
"externalRegionId": "us-east-1",
"cloudAccountId": "c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d",
"id": "37d6c1acf4a8275586468873c739",
"updatedAt": "2022-04-02",
...
Assign the region ID.
$ region_id='37d6c1acf4a8275586468873c739'
Filter for fabric networks associated with the cloud account ID and in the external region ID us-east-1.
curl -X GET -H 'Content-Type: application/json' -H "Authorization: Bearer $access_token" $url/iaas/api/fabric-networks?apiVersion=$api_version | jq "."
A snippet of the response shows the fabric network ID for a public network that you can include in your network profile.
... "isPublic": true, "isDefault": true, "cidr": "172.31.16.0/20", "externalRegionId": "us-east-1", "tags": [ { "key": "vmware.enumeration.type", "value": "ec2_subnet" } ], "cloudAccountIds": [ "c8c3c9bfdb449475-7f703c5265a63d87-f8e705d89b2569e1aac66c6d00bf4fc7ef4b1c44100f0e944af31eb8ba3d2a5a-5a45a4b9d5c72475575931611aa28", "c8c3c9bfdb449475-7f703c5265a63d87-5fa34c478df36b060e1ca3551254c4033013bf3283908e4661cd1c6fb2f8b9ae-ce5aad01092b47558644f6b6615d" ], "name": "subnet-0130834a", "id": "d43efed364ef18755759316540e3f", ...
Select the IDs of fabric networks that you want to include in your profile and create a network profile named example-network-profile.
$ curl -X POST \ $url/iaas/api/network-profiles?apiVersion=$api_version \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $access_token" \ -d '{ "name":"example-network-profile", "description":"Example Network Profile", "regionId":"'$region_id'", "fabricNetworkIds": [ "d43efed364ef18755759316540e3d", "d43efed364ef18755759316540e3f" ], "tags": [ { "key": "env", "value": "prod" } ] }' | jq "."
A snippet of the response shows the network profile ID.
...
"name": "example-network-profile",
"description": "Example Network Profile",
"id": "9cb2d111c768927558f043ec13d70",
"updatedAt": "2022-04-02",
...