Create a Deployment Limit Policy
To limit resource consumption in deployments, you can create a limit policy. The policy applies limits to all deployments in an organization by default.
To access the
Swagger documentation for deployment limit policy data, see
https://<vRA-HOSTNAME>/approval/api/swagger/swagger-ui.html#/Deployment%20limit%20policy%20data.
For example, if you specify a cloud template ID as the resource criteria, you can restrict the policy so that it only applies limits to deployments created from a specific cloud template. The following procedure shows how to use the Deployment limit API to get the cloud template ID before creating the deployment limit policy using the Policy API.
Prerequisites
- Verify that all general prerequisites have been satisfied. See Prerequisites for Requesting a Deployment from a Catalog Item.
- Assign an API version variable for the
Deployment Limit
API.
api_version_deploymentlimit='2020-11-01'
Note: The Deployment Limit API and Policy API have different API version values. You set the API version value for the Policy API when you satisfied the general prerequisites. - Verify you know the resource criteria that you want to use to restrict the policy.
Procedure
Example: Create a deployment limit policy
Create a deployment limit policy named Sample Limit Policy that is applied to limit resource usage in deployments created from a cloud template named template2.
Assign variables.
$ url='https://appliance.domain.com'
$ api_version='2020-08-25'
$ api_version_deploymentlimit='2020-11-01'
$ orgId='394a4ccb-22c6-4ef0-8c75-8b77efbefb51'
List the cloud templates.
$ curl -X GET \ $url/deploymentlimit/api/policy/data/blueprints?apiVersion=$api_version_deploymentlimit \ -H "Authorization: Bearer $access_token" | jq "."
Examine the response to find the cloud template named template2.
...
{
"id": "3d3c714f-0aeb-423d-a494-97e85e4a8566",
"name": "template2",
"description": "Cloud template for example deployment"
},
...
Assign the cloud template ID variable.
$ cloudtemplateId = "3d3c714f-0aeb-423d-a494-97e85e4a8566"
Use the cloud template ID to create the deployment limit policy with hard enforcement named Sample Limit Policy. The value for the type ID is fixed as com.vmware.policy.deployment.limit.
$ curl -X POST \
$url/policy/api/policies?apiVersion=$api_version \
-H "Authorization: Bearer $access_token" \
-H 'Content-Type: application/json' \
-d '{
"name": "Sample Limit Policy",
"enforcementType": "HARD",
"typeId": "com.vmware.policy.deployment.limit"
"definition": {
"deploymentLimits": {
"cpu": {
"value": 6
},
"memory": {
"unit": "GB",
"value": 5
},
"instances": {
"value": 3
}
},
"deploymentResourceLimits": {
"resources": [
{
"name": "vSphere-Machine-Limits",
"limits": {
"cpu": {
"value": 2
},
"memory": {
"unit": "GB",
"value": 2
}
},
"criteria": {
"matchExpression": [
{
"key": "type",
"value": "Cloud.vSphere.Machine",
"operator": "eq"
}
]
}
}
]
},
"criteria": {
"matchExpression": [
{
"key": "blueprintId",
"operator": "eq",
"value": "'$cloudtemplateId'"
}
]
}
}
}
| jq "."
The response shows the deployment limit policy.
{
"id": "62ad2f02-0b2a-4ed8-a739-a6c40d761e49",
"name": "Sample Limit Policy",
"typeId": "com.vmware.policy.deployment.limit",
"enforcementType": "HARD",
"orgId": "d2994f92-bd52-45b1-9220-686b20944c2c",
"definition": {
"deploymentLimits": {
"cpu": {
"value": 6
},
"memory": {
"unit": "GB",
"value": 5
},
"instances": {
"value": 3
}
},
"deploymentResourceLimits": {
"resources": [
{
"name": "vSphere-Machine-Limits",
"limits": {
"cpu": {
"value": 2
},
"memory": {
"unit": "GB",
"value": 2
}
},
"criteria": {
"matchExpression": [
{
"key": "type",
"value": "Cloud.vSphere.Machine",
"operator": "eq"
}
]
}
}
]
}
},
"criteria": {
"matchExpression": [
{
"key": "blueprintId",
"operator": "eq",
"value": "7950795a-4f66-451c-a79f-be9ef6bd723c"
}
]
},
"createdAt": "2021-11-08T09:45:38.108885Z",
"createdBy": "[email protected]",
"lastUpdatedAt": "2021-11-08T09:45:38.108885Z",
"lastUpdatedBy": "[email protected]"
}
The orgId that appears in the response is the organization ID for the user. See Verify User Roles.