Manage traffic filtering through the API
editManage traffic filtering through the APIedit
This example demonstrates how to use the Elastic Cloud Enterprise RESTful API to manage different types of traffic filters. We cover the following examples:
Read through the main Traffic Filtering page to learn about the general concepts behind filtering access to your Elastic Cloud Enterprise deployments.
Create a traffic filter rule setedit
IP traffic filter ingress rule setedit
Send a request like the following to create an IP traffic filter ingress rule set:
curl \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets \ -d ' { "name": "My IP filtering Ingress Rule Set", "region": "ece-region", "description": "", "type": "ip", "rules": [ { "description": "Allow inbound traffic from IP address 192.168.131.0", "source": "192.168.131.0" }, { "description": "Allow inbound traffic within CIDR block 192.168.132.6/22", "source": "192.168.132.6/22" } ], "include_by_default": false } '
If the request is successful, a response containing a $RULESET_ID is returned. $RULESET_ID is required to update or delete the rule set itself, or it can be used to associate the rule set to a deployment.
{ "id" : "5470a0010ebf437bb9294ea9fcba0ba0" }
Update a traffic filter rule setedit
Send a request like the following to update an IP traffic filter ingress rule set:
curl -XPUT \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID \ -d ' { "name": "My IP filtering Ingress Rule Set", "region": "ece-region", "description": "", "type": "ip", "rules": [ { "description": "Allow inbound traffic from IP address 192.168.131.0", "source": "192.168.131.0" }, { "description": "Allow inbound traffic within CIDR block 192.168.132.6/22", "source": "192.168.132.6/22" } ], "include_by_default": true } '
Associate a rule set with a deploymentedit
Send a request like the following to associate a rule set with a deployment:
curl -XPOST \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID/associations \ -d ' { "entity_type" : "deployment", "id" : "'"$DEPLOYMENT_ID"'" } '
Delete a rule set association with a deploymentedit
Send a request like the following to delete a rule set association with a deployment:
curl -XDELETE \ -H "Authorization: ApiKey $API_KEY" \ -H 'content-type: application/json' \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID/associations/deployment/$DEPLOYMENT_ID \
Delete a traffic filter rule setedit
Send a request like the following to delete a traffic filter rule set:
curl -XDELETE \ -H "Authorization: ApiKey $API_KEY" \ https://$COORDINATOR_HOST:12443/api/v1/deployments/traffic-filter/rulesets/$RULESET_ID \