Access control to subnets works like this (and has been working like this for a long time):
- If you have a canister on a subnet you can create as many canisters on the subnet as you want. Simply use the management canister’s
create_canistermethod through a canister on that subnet. This is whatic_cdk::create_canisterdoes behind the scenes. - Otherwise you go through the CMC. The CMC has three lists/mappings of subnets:
- List of default subnets. If you use the CMC’s
notify_create_canisterorcreate_canisterwithout specifying any preferences for subnet selection your canister lands on a random subnet from this list. - Mapping of subnet type to subnets of that type. You can read this list with this function. If you select a subnet type in your subnet selection options your canister will be created on a random subnet in the list of this type.
- Mapping of principals to subnets. For subnets where only certain principals are allowed to create canisters, e.g. the NNS subnet. If you don’t specify a subnet selection option and your principal has an entry in this mapping you get a random subnet from this mapping
- List of default subnets. If you use the CMC’s
In other words: If you want your application to live on the european subnet you have to use the CMC to create the initial canister(s) for that dapp, and then if these canisters spawn new canisters they will all stay on that subnet