Manage traffic filtering through the APIedit
This example demonstrates how to use the Elastic Cloud Enterprise RESTful API to manage different types of traffic filters. We cover the following examples:
Read through the main Traffic Filtering page to learn about the general concepts behind filtering access to your Elastic Cloud Enterprise deployments.
Create a traffic filter rule setedit
IP traffic filter ingress rule setedit
Send a request like the following to create an IP traffic filter ingress rule set:
curl \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets \ -d ' { "name": "My IP filtering Ingress Rule Set", "region": "ece-region", "description": "", "type": "ip", "rules": [ { "description": "Allow inbound traffic from IP address 192.168.131.0", "source": "192.168.131.0" }, { "description": "Allow inbound traffic within CIDR block 192.168.132.6/22", "source": "192.168.132.6/22" } ], "include_by_default": false } '
If the request is successful, a response containing a $RULESET_ID is returned. $RULESET_ID is required to update or delete the rule set itself, or it can be used to associate the rule set to a deployment.
{ "id" : "5470a0010ebf437bb9294ea9fcba0ba0" }
Update a traffic filter rule setedit
Send a request like the following to update an IP traffic filter ingress rule set:
curl -XPUT \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID \ -d ' { "name": "My IP filtering Ingress Rule Set", "region": "ece-region", "description": "", "type": "ip", "rules": [ { "description": "Allow inbound traffic from IP address 192.168.131.0", "source": "192.168.131.0" }, { "description": "Allow inbound traffic within CIDR block 192.168.132.6/22", "source": "192.168.132.6/22" } ], "include_by_default": true } '
Associate a rule set with a deploymentedit
Send a request like the following to associate a rule set with a deployment:
curl -XPOST \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID/associations \ -d ' { "entity_type" : "deployment", "id" : "'"$DEPLOYMENT_ID"'" } '
Delete a rule set association with a deploymentedit
Send a request like the following to delete a rule set association with a deployment:
curl -XDELETE \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID/associations/deployment/$DEPLOYMENT_ID \
Delete a traffic filter rule setedit
Send a request like the following to delete a traffic filter rule set:
curl -XDELETE \ -H "Authorization: ApiKey $API_KEY" \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID \