​
Select Service
ves-io-schema-fast_acl_rule-API-Create
Published April 5, 2023 | Last modified June 24, 2026
Examples of creating fast_acl_rule
Usecase:
Create fast-acl-rule-black-list-deny to deny traffic from source IPs defined black list by ves-io tenant
Request using vesctl:
vesctl configuration create fast_acl_rule -i fast_acl_rule.yaml
where file fast_acl_rule.yaml has following contents (fast_acl_rule.CreateRequest):
RequestJSON:
{ "metadata": { "name": "fast-acl-rule-black-list-deny", "namespace": "system" }, "spec": { "action": { "simple_action": "DENY" }, "ip_prefix_set": { "ref": [ { "kind": "ip_prefix_set", "tenant": "ves-io", "namespace": "shared", "name": "ddos-black-list" } ] } }}vesctl yaml response:
ResponseJSON:
{ "metadata": { "name": "fast-acl-rule-black-list-deny", "namespace": "system", "labels": {}, "annotations": {}, "description": "", "disable": false }, "system_metadata": { "uid": "6fec969c-66fb-412b-8f51-f278531a42ac", "creation_timestamp": "2026-06-19T22:03:02.616301Z", "deletion_timestamp": null, "modification_timestamp": null, "initializers": null, "finalizers": [], "tenant": "acmecorp", "creator_class": "examplesvc", "creator_id": "examplesvc", "object_index": 0, "owner_view": null, "labels": {} }, "spec": { "action": { "simple_action": "DENY" }, "port": [], "ip_prefix_set": { "ref": [ { "kind": "ip_prefix_set", "uid": "ffffffff-ffff-ffff-ffff-ffffffffffff", "tenant": "ves-io", "namespace": "shared", "name": "ddos-black-list" } ] } }}Request using curl:
curl -X 'POST' -d '{"metadata":{"name":"fast-acl-rule-black-list-deny","namespace":"system"},"spec":{"action":{"simple_action":"DENY"},"ip_prefix_set":{"ref":[{"kind":"ip_prefix_set","tenant":"ves-io","namespace":"shared","name":"ddos-black-list"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_var_folders_q2_3kp8z3zs0x5_m7pk1bgb0_ph0000gp_T_go-build1655461974_b001_apidocs.test/host=MTY6VVHQPH/svc=S:examplesvc/site=mytestce01' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acl_rules'curl response:
HTTP/1.1 200 OKContent-Length: 963Content-Type: application/jsonDate: Fri, 19 Jun 2026 22:03:02 GMTVary: Accept-Encoding
{ "metadata": { "name": "fast-acl-rule-black-list-deny", "namespace": "system", "labels": { }, "annotations": { }, "description": "", "disable": false }, "system_metadata": { "uid": "6fec969c-66fb-412b-8f51-f278531a42ac", "creation_timestamp": "2026-06-19T22:03:02.616301Z", "deletion_timestamp": null, "modification_timestamp": null, "initializers": null, "finalizers": [ ], "tenant": "acmecorp", "creator_class": "examplesvc", "creator_id": "examplesvc", "object_index": 0, "owner_view": null, "labels": { } }, "spec": { "action": { "simple_action": "DENY" }, "port": [ ], "ip_prefix_set": { "ref": [ { "kind": "ip_prefix_set", "uid": "ffffffff-ffff-ffff-ffff-ffffffffffff", "tenant": "ves-io", "namespace": "shared", "name": "ddos-black-list" } ] } }}Usecase:
Create fast-acl-rule-white-list to accept traffic only from tenant created white list
Request using vesctl:
vesctl configuration create fast_acl_rule -i fast_acl_rule.yaml
where file fast_acl_rule.yaml has following contents (fast_acl_rule.CreateRequest):
RequestJSON:
{ "metadata": { "name": "fast-acl-rule-white-list", "namespace": "system" }, "spec": { "action": { "simple_action": "ALLOW" }, "ip_prefix_set": { "ref": [ { "kind": "ip_prefix_set", "tenant": "acmecorp", "namespace": "system", "name": "acmecorp-white-list" } ] } }}vesctl yaml response:
ResponseJSON:
{ "metadata": { "name": "fast-acl-rule-white-list", "namespace": "system", "labels": {}, "annotations": {}, "description": "", "disable": false }, "system_metadata": { "uid": "19018dbc-8146-4108-8cd1-bb95820ee3eb", "creation_timestamp": "2026-06-19T22:03:02.628068Z", "deletion_timestamp": null, "modification_timestamp": null, "initializers": null, "finalizers": [], "tenant": "acmecorp", "creator_class": "examplesvc", "creator_id": "examplesvc", "object_index": 0, "owner_view": null, "labels": {} }, "spec": { "action": { "simple_action": "ALLOW" }, "port": [], "ip_prefix_set": { "ref": [ { "kind": "ip_prefix_set", "uid": "ffffffff-ffff-ffff-ffff-ffffffffffff", "tenant": "acmecorp", "namespace": "system", "name": "acmecorp-white-list" } ] } }}Request using curl:
curl -X 'POST' -d '{"metadata":{"name":"fast-acl-rule-white-list","namespace":"system"},"spec":{"action":{"simple_action":"ALLOW"},"ip_prefix_set":{"ref":[{"kind":"ip_prefix_set","tenant":"acmecorp","namespace":"system","name":"acmecorp-white-list"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_var_folders_q2_3kp8z3zs0x5_m7pk1bgb0_ph0000gp_T_go-build1655461974_b001_apidocs.test/host=MTY6VVHQPH/svc=S:examplesvc/site=mytestce01' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acl_rules'curl response:
HTTP/1.1 200 OKContent-Length: 965Content-Type: application/jsonDate: Fri, 19 Jun 2026 22:03:02 GMTVary: Accept-Encoding
{ "metadata": { "name": "fast-acl-rule-white-list", "namespace": "system", "labels": { }, "annotations": { }, "description": "", "disable": false }, "system_metadata": { "uid": "19018dbc-8146-4108-8cd1-bb95820ee3eb", "creation_timestamp": "2026-06-19T22:03:02.628068Z", "deletion_timestamp": null, "modification_timestamp": null, "initializers": null, "finalizers": [ ], "tenant": "acmecorp", "creator_class": "examplesvc", "creator_id": "examplesvc", "object_index": 0, "owner_view": null, "labels": { } }, "spec": { "action": { "simple_action": "ALLOW" }, "port": [ ], "ip_prefix_set": { "ref": [ { "kind": "ip_prefix_set", "uid": "ffffffff-ffff-ffff-ffff-ffffffffffff", "tenant": "acmecorp", "namespace": "system", "name": "acmecorp-white-list" } ] } }}