Using a Virtual Private Endpoint
After you created your IBM Cloud® Virtual Private Cloud (VPC) and you want to connect to IBM Cloud for VMware Cloud Foundation as a Service APIs to create or manage your instance, you can create a Virtual Private Endpoint (VPE) in your VPC to access VMware Cloud Foundation (VCF) as a Service APIs within your VPC network.
You can configure the VPE to use the IP addresses of your choice from a subnet within your VPC. VPEs are bound to a VPE gateway and serve as an intermediary that enables your workload to interact with VCF as a Service.
To connect to VCF as a Service by using a VPE, you must use the VCF as a Service API. You must access the VMware Solutions console through a public network from your VPC.
Before you begin
You must complete the following before you target a VPE for VCF as a Service.
- Ensure that you have provisioned a Virtual Private Cloud.
- Ensure that you have reviewed Planning for Virtual Private Endpoints.
- Ensure that correct access controls are set for your VPE.
- Understand the limitations of having a VPE.
- Ensure that you have created and understand how to access a VPE gateway.
- Understand how to view details of a VPE.
You may need to manually update VPE settings, specifically the IP address, during disaster recovery and business continuity actions.
Virtual Private Service Endpoints
The following table lists regions where VCF as a Service supports VPE. The table also provides VCF as a Service endpoints supported from each region. You can connect to VCF as a Service in another region using supported endpoints.
When connecting to a VPE using CLI or API, you must specify the Cloud resource name of the region that you use to connect to VCF as a Service. Use the following table to locate the Cloud resource name of the target region.
Region | Supported endpoints | Cloud resource name |
---|---|---|
Dallas | api.private.us-south.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:us-south:::endpoint:api:private.us-south.vmware.cloud.ibm.com |
Frankfurt | api.private.eu-de.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:eu-de:::endpoint:api:private.eu-de.vmware.cloud.ibm.com |
London | api.private.eu-gb.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:eu-gb:::endpoint:api:private.eu-gb.vmware.cloud.ibm.com |
Madrid | api.private.eu-es.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:eu-es:::endpoint:api:private.eu-es.vmware.cloud.ibm.com |
Sydney | api.private.au-syd.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:au-syd:::endpoint:api:private.au-syd.vmware.cloud.ibm.com |
Tokyo | api.private.jp-tok.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:jp-tok:::endpoint:api:private.jp-tok.vmware.cloud.ibm.com |
Toronto | api.private.ca-tor.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:ca-tor:::endpoint:api:private.ca-tor.vmware.cloud.ibm.com |
Washington DC | api.private.us-east.vmware.cloud.ibm.com |
crn:v1:bluemix:public:vmware:us-east:::endpoint:api:private.us-east.vmware.cloud.ibm.com |