Networking API Reference
VPC CRUD, subnet management, security groups, ACLs, peering. Example requests and responses.
The NFYio Networking API manages VPCs, subnets, security groups, network ACLs, and VPC peering. All endpoints require authentication via API key or JWT.
Base URL: https://api.yourdomain.com
VPCs
Create VPC
curl -X POST https://api.yourdomain.com/v1/vpcs \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "production-vpc",
"description": "Production environment",
"cidr_block": "10.0.0.0/16",
"availability_zones": ["us-east-1a", "us-east-1b"]
}'Response:
{
"id": "vpc_abc123",
"name": "production-vpc",
"cidr_block": "10.0.0.0/16",
"status": "available",
"created_at": "2026-03-01T12:00:00Z"
}List VPCs
curl -X GET "https://api.yourdomain.com/v1/vpcs?limit=20&offset=0" \
-H "Authorization: Bearer $API_KEY"Response:
{
"vpcs": [
{
"id": "vpc_abc123",
"name": "production-vpc",
"cidr_block": "10.0.0.0/16",
"status": "available"
}
],
"total": 1
}Get VPC
curl -X GET https://api.yourdomain.com/v1/vpcs/vpc_abc123 \
-H "Authorization: Bearer $API_KEY"Delete VPC
curl -X DELETE https://api.yourdomain.com/v1/vpcs/vpc_abc123 \
-H "Authorization: Bearer $API_KEY"Response: 204 No Content (VPC must have no attached resources)
Subnets
Create Subnet
curl -X POST https://api.yourdomain.com/v1/subnets \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "private-app-1",
"vpc_id": "vpc_abc123",
"cidr_block": "10.0.2.0/24",
"availability_zone": "us-east-1a",
"public": false,
"auto_assign_ip": true
}'Response:
{
"id": "subnet_xyz789",
"name": "private-app-1",
"vpc_id": "vpc_abc123",
"cidr_block": "10.0.2.0/24",
"availability_zone": "us-east-1a",
"public": false,
"created_at": "2026-03-01T12:00:00Z"
}List Subnets
curl -X GET "https://api.yourdomain.com/v1/subnets?vpc_id=vpc_abc123" \
-H "Authorization: Bearer $API_KEY"Update Subnet
curl -X PATCH https://api.yourdomain.com/v1/subnets/subnet_xyz789 \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{"network_acl_id": "acl_def456"}'Delete Subnet
curl -X DELETE https://api.yourdomain.com/v1/subnets/subnet_xyz789 \
-H "Authorization: Bearer $API_KEY"Response: 204 No Content
Security Groups
Create Security Group
curl -X POST https://api.yourdomain.com/v1/security-groups \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "web-servers-sg",
"description": "Web and API servers",
"vpc_id": "vpc_abc123",
"inbound_rules": [
{
"protocol": "tcp",
"port_range": "443",
"source": "0.0.0.0/0"
}
],
"outbound_rules": [
{
"protocol": "all",
"destination": "0.0.0.0/0"
}
]
}'Response:
{
"id": "sg_xyz789",
"name": "web-servers-sg",
"vpc_id": "vpc_abc123",
"inbound_rules": [...],
"outbound_rules": [...],
"created_at": "2026-03-01T12:00:00Z"
}List Security Groups
curl -X GET "https://api.yourdomain.com/v1/security-groups?vpc_id=vpc_abc123" \
-H "Authorization: Bearer $API_KEY"Add Rule to Security Group
curl -X POST https://api.yourdomain.com/v1/security-groups/sg_xyz789/rules \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"direction": "inbound",
"protocol": "tcp",
"port_range": "22",
"source": "10.0.0.0/8"
}'Delete Security Group
curl -X DELETE https://api.yourdomain.com/v1/security-groups/sg_xyz789 \
-H "Authorization: Bearer $API_KEY"Response: 204 No Content
Network ACLs
Create Network ACL
curl -X POST https://api.yourdomain.com/v1/network-acls \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "private-subnet-acl",
"vpc_id": "vpc_abc123",
"description": "NACL for private subnets"
}'Response:
{
"id": "acl_def456",
"name": "private-subnet-acl",
"vpc_id": "vpc_abc123",
"inbound_rules": [],
"outbound_rules": [],
"created_at": "2026-03-01T12:00:00Z"
}Add NACL Rule
curl -X POST https://api.yourdomain.com/v1/network-acls/acl_def456/rules \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"rule_number": 100,
"direction": "inbound",
"protocol": "tcp",
"port_range": "443",
"cidr": "0.0.0.0/0",
"action": "allow"
}'List Network ACLs
curl -X GET "https://api.yourdomain.com/v1/network-acls?vpc_id=vpc_abc123" \
-H "Authorization: Bearer $API_KEY"VPC Peering
Create Peering Connection
curl -X POST https://api.yourdomain.com/v1/vpc-peering \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"requester_vpc_id": "vpc_abc123",
"accepter_vpc_id": "vpc_def456",
"auto_accept": true
}'Response:
{
"id": "pcx_peer123",
"requester_vpc_id": "vpc_abc123",
"accepter_vpc_id": "vpc_def456",
"status": "active",
"created_at": "2026-03-01T12:00:00Z"
}Accept Peering (Cross-Account)
curl -X POST https://api.yourdomain.com/v1/vpc-peering/pcx_peer123/accept \
-H "Authorization: Bearer $API_KEY"List Peering Connections
curl -X GET "https://api.yourdomain.com/v1/vpc-peering?vpc_id=vpc_abc123" \
-H "Authorization: Bearer $API_KEY"Delete Peering Connection
curl -X DELETE https://api.yourdomain.com/v1/vpc-peering/pcx_peer123 \
-H "Authorization: Bearer $API_KEY"Response: 204 No Content
VPC Endpoints (Private Endpoints)
Create Private Endpoint
curl -X POST https://api.yourdomain.com/v1/vpc-endpoints \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "storage-private",
"service": "storage",
"vpc_id": "vpc_abc123",
"subnet_ids": ["subnet_xyz789"],
"security_group_ids": ["sg_xyz789"]
}'Response:
{
"id": "vpcpe_ep123",
"name": "storage-private",
"service": "storage",
"vpc_id": "vpc_abc123",
"private_ip": "10.0.2.100",
"dns_name": "storage.vpcpe_ep123.nfyio.internal",
"status": "available"
}List VPC Endpoints
curl -X GET "https://api.yourdomain.com/v1/vpc-endpoints?vpc_id=vpc_abc123" \
-H "Authorization: Bearer $API_KEY"Error Responses
All endpoints return errors in this format:
{
"error": {
"code": "InvalidCidrBlock",
"message": "CIDR block 10.0.0.0/16 overlaps with existing VPC",
"details": {}
}
}See Error Handling for full error code reference.
Next Steps
- VPC — VPC concepts and CIDR planning
- Security Groups — Rule configuration
- API Authentication — Authentication methods