ves-io-schema-fast_acl-API-Create

Examples of creating fast_acl

Usecase:

Create acmecorp-fast-acl to allow access to all VIPs in site from white list

Request using vesctl:

vesctl configuration create fast_acl -i fast_acl.yaml

where file fast_acl.yaml has following contents (fast_acl.CreateRequest):

RequestJSON:

{
    "metadata": {
        "name": "acmecorp-fast-acl",
        "namespace": "system"
    },
    "spec": {
        "legacy_acl": {
            "network_type": {
                "site_local": {}
            },
            "destination_type": {
                "vip_services": {}
            },
            "source_rules": [
                {
                    "tenant": "acmecorp",
                    "namespace": "system",
                    "name": "fast-acl-rule-white-list"
                }
            ]
        }
    }
}

vesctl yaml response:

ResponseJSON:

{
    "metadata": {
        "name": "acmecorp-fast-acl",
        "namespace": "system",
        "labels": {},
        "annotations": {},
        "description": "",
        "disable": false
    },
    "system_metadata": {
        "uid": "ed558d28-7451-4db1-8141-846f3449520f",
        "creation_timestamp": "2022-09-23T13:12:07.585080971Z",
        "deletion_timestamp": null,
        "modification_timestamp": null,
        "initializers": null,
        "finalizers": [],
        "tenant": "acmecorp",
        "creator_class": "examplesvc",
        "creator_id": "examplesvc",
        "object_index": 0,
        "owner_view": null,
        "labels": {}
    },
    "spec": {
        "protocol_policer": null
    }
}

Request using curl:

curl -X 'POST' -d '{"metadata":{"name":"acmecorp-fast-acl","namespace":"system"},"spec":{"legacy_acl":{"network_type":{"site_local":{}},"destination_type":{"vip_services":{}},"source_rules":[{"tenant":"acmecorp","namespace":"system","name":"fast-acl-rule-white-list"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build243329498_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acls'

curl response:

HTTP/1.1 200 OK
Content-Length: 646
Content-Type: application/json
Date: Fri, 23 Sep 2022 13:12:07 GMT
Vary: Accept-Encoding

{
  "metadata": {
    "name": "acmecorp-fast-acl",
    "namespace": "system",
    "labels": {
    },
    "annotations": {
    },
    "description": "",
    "disable": false
  },
  "system_metadata": {
    "uid": "ed558d28-7451-4db1-8141-846f3449520f",
    "creation_timestamp": "2022-09-23T13:12:07.585080971Z",
    "deletion_timestamp": null,
    "modification_timestamp": null,
    "initializers": null,
    "finalizers": [
    ],
    "tenant": "acmecorp",
    "creator_class": "examplesvc",
    "creator_id": "examplesvc",
    "object_index": 0,
    "owner_view": null,
    "labels": {
    }
  },
  "spec": {
    "protocol_policer": null
  }
}

Usecase:

Create fast-acl-1234vip to protect single destination IP

Request using vesctl:

vesctl configuration create fast_acl -i fast_acl.yaml

where file fast_acl.yaml has following contents (fast_acl.CreateRequest):

RequestJSON:

{
    "metadata": {
        "name": "fast-acl-1234vip",
        "namespace": "system"
    },
    "spec": {
        "legacy_acl": {
            "network_type": {
                "site_local": {}
            },
            "destination_type": {
                "vip_services": {}
            },
            "source_rules": [
                {
                    "tenant": "acmecorp",
                    "namespace": "system",
                    "name": "fast-acl-1234vip-rule1"
                },
                {
                    "tenant": "acmecorp",
                    "namespace": "system",
                    "name": "fast-acl-1234vip-rule2"
                }
            ]
        }
    }
}

vesctl yaml response:

ResponseJSON:

{
    "metadata": {
        "name": "fast-acl-1234vip",
        "namespace": "system",
        "labels": {},
        "annotations": {},
        "description": "",
        "disable": false
    },
    "system_metadata": {
        "uid": "6ae7700e-82f9-4be6-b4eb-fef85a70e93b",
        "creation_timestamp": "2022-09-23T13:12:07.588159321Z",
        "deletion_timestamp": null,
        "modification_timestamp": null,
        "initializers": null,
        "finalizers": [],
        "tenant": "acmecorp",
        "creator_class": "examplesvc",
        "creator_id": "examplesvc",
        "object_index": 0,
        "owner_view": null,
        "labels": {}
    },
    "spec": {
        "protocol_policer": null
    }
}

Request using curl:

curl -X 'POST' -d '{"metadata":{"name":"fast-acl-1234vip","namespace":"system"},"spec":{"legacy_acl":{"network_type":{"site_local":{}},"destination_type":{"vip_services":{}},"source_rules":[{"tenant":"acmecorp","namespace":"system","name":"fast-acl-1234vip-rule1"},{"tenant":"acmecorp","namespace":"system","name":"fast-acl-1234vip-rule2"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build243329498_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acls'

curl response:

HTTP/1.1 200 OK
Content-Length: 645
Content-Type: application/json
Date: Fri, 23 Sep 2022 13:12:07 GMT
Vary: Accept-Encoding

{
  "metadata": {
    "name": "fast-acl-1234vip",
    "namespace": "system",
    "labels": {
    },
    "annotations": {
    },
    "description": "",
    "disable": false
  },
  "system_metadata": {
    "uid": "6ae7700e-82f9-4be6-b4eb-fef85a70e93b",
    "creation_timestamp": "2022-09-23T13:12:07.588159321Z",
    "deletion_timestamp": null,
    "modification_timestamp": null,
    "initializers": null,
    "finalizers": [
    ],
    "tenant": "acmecorp",
    "creator_class": "examplesvc",
    "creator_id": "examplesvc",
    "object_index": 0,
    "owner_view": null,
    "labels": {
    }
  },
  "spec": {
    "protocol_policer": null
  }
}