​
Select Service
ves-io-schema-fast_acl_rule-API-Create
Published April 5, 2023 | Last modified September 19, 2025
Examples of creating fast_acl_rule
Usecase:
Create fast-acl-rule-black-list-deny to deny traffic from source IPs defined black list by ves-io tenant
Request using vesctl:
vesctl configuration create fast_acl_rule -i fast_acl_rule.yaml
where file fast_acl_rule.yaml has following contents (fast_acl_rule.CreateRequest):
RequestJSON:
{
"metadata": {
"name": "fast-acl-rule-black-list-deny",
"namespace": "system"
},
"spec": {
"action": {
"simple_action": "DENY"
},
"ip_prefix_set": {
"ref": [
{
"kind": "ip_prefix_set",
"tenant": "ves-io",
"namespace": "shared",
"name": "ddos-black-list"
}
]
}
}
}
Copied!
vesctl yaml response:
ResponseJSON:
{
"metadata": {
"name": "fast-acl-rule-black-list-deny",
"namespace": "system",
"labels": {},
"annotations": {},
"description": "",
"disable": false
},
"system_metadata": {
"uid": "87ff7eb1-ea74-42ec-b147-31a5c7cf9600",
"creation_timestamp": "2025-09-19T02:00:05.588669Z",
"deletion_timestamp": null,
"modification_timestamp": null,
"initializers": null,
"finalizers": [],
"tenant": "acmecorp",
"creator_class": "examplesvc",
"creator_id": "examplesvc",
"object_index": 0,
"owner_view": null,
"labels": {}
},
"spec": {
"action": {
"simple_action": "DENY"
},
"port": [],
"ip_prefix_set": {
"ref": [
{
"kind": "ip_prefix_set",
"uid": "ffffffff-ffff-ffff-ffff-ffffffffffff",
"tenant": "ves-io",
"namespace": "shared",
"name": "ddos-black-list"
}
]
}
}
}
Copied!
Request using curl:
curl -X 'POST' -d '{"metadata":{"name":"fast-acl-rule-black-list-deny","namespace":"system"},"spec":{"action":{"simple_action":"DENY"},"ip_prefix_set":{"ref":[{"kind":"ip_prefix_set","tenant":"ves-io","namespace":"shared","name":"ddos-black-list"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_var_folders_q2_3kp8z3zs0x5_m7pk1bgb0_ph0000gp_T_go-build2850427035_b001_apidocs.test/host=MTY6VVHQPH/svc=S:examplesvc/site=mytestce01' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acl_rules'
Copied!
curl response:
HTTP/1.1 200 OK
Content-Length: 963
Content-Type: application/json
Date: Fri, 19 Sep 2025 02:00:05 GMT
Vary: Accept-Encoding
{
"metadata": {
"name": "fast-acl-rule-black-list-deny",
"namespace": "system",
"labels": {
},
"annotations": {
},
"description": "",
"disable": false
},
"system_metadata": {
"uid": "87ff7eb1-ea74-42ec-b147-31a5c7cf9600",
"creation_timestamp": "2025-09-19T02:00:05.588669Z",
"deletion_timestamp": null,
"modification_timestamp": null,
"initializers": null,
"finalizers": [
],
"tenant": "acmecorp",
"creator_class": "examplesvc",
"creator_id": "examplesvc",
"object_index": 0,
"owner_view": null,
"labels": {
}
},
"spec": {
"action": {
"simple_action": "DENY"
},
"port": [
],
"ip_prefix_set": {
"ref": [
{
"kind": "ip_prefix_set",
"uid": "ffffffff-ffff-ffff-ffff-ffffffffffff",
"tenant": "ves-io",
"namespace": "shared",
"name": "ddos-black-list"
}
]
}
}
}
Copied!
Usecase:
Create fast-acl-rule-white-list to accept traffic only from tenant created white list
Request using vesctl:
vesctl configuration create fast_acl_rule -i fast_acl_rule.yaml
where file fast_acl_rule.yaml has following contents (fast_acl_rule.CreateRequest):
RequestJSON:
{
"metadata": {
"name": "fast-acl-rule-white-list",
"namespace": "system"
},
"spec": {
"action": {
"simple_action": "ALLOW"
},
"ip_prefix_set": {
"ref": [
{
"kind": "ip_prefix_set",
"tenant": "acmecorp",
"namespace": "system",
"name": "acmecorp-white-list"
}
]
}
}
}
Copied!
vesctl yaml response:
ResponseJSON:
{
"metadata": {
"name": "fast-acl-rule-white-list",
"namespace": "system",
"labels": {},
"annotations": {},
"description": "",
"disable": false
},
"system_metadata": {
"uid": "6de94bb9-7810-4a12-8fd9-cbf5482affe5",
"creation_timestamp": "2025-09-19T02:00:05.594421Z",
"deletion_timestamp": null,
"modification_timestamp": null,
"initializers": null,
"finalizers": [],
"tenant": "acmecorp",
"creator_class": "examplesvc",
"creator_id": "examplesvc",
"object_index": 0,
"owner_view": null,
"labels": {}
},
"spec": {
"action": {
"simple_action": "ALLOW"
},
"port": [],
"ip_prefix_set": {
"ref": [
{
"kind": "ip_prefix_set",
"uid": "ffffffff-ffff-ffff-ffff-ffffffffffff",
"tenant": "acmecorp",
"namespace": "system",
"name": "acmecorp-white-list"
}
]
}
}
}
Copied!
Request using curl:
curl -X 'POST' -d '{"metadata":{"name":"fast-acl-rule-white-list","namespace":"system"},"spec":{"action":{"simple_action":"ALLOW"},"ip_prefix_set":{"ref":[{"kind":"ip_prefix_set","tenant":"acmecorp","namespace":"system","name":"acmecorp-white-list"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_var_folders_q2_3kp8z3zs0x5_m7pk1bgb0_ph0000gp_T_go-build2850427035_b001_apidocs.test/host=MTY6VVHQPH/svc=S:examplesvc/site=mytestce01' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acl_rules'
Copied!
curl response:
HTTP/1.1 200 OK
Content-Length: 965
Content-Type: application/json
Date: Fri, 19 Sep 2025 02:00:05 GMT
Vary: Accept-Encoding
{
"metadata": {
"name": "fast-acl-rule-white-list",
"namespace": "system",
"labels": {
},
"annotations": {
},
"description": "",
"disable": false
},
"system_metadata": {
"uid": "6de94bb9-7810-4a12-8fd9-cbf5482affe5",
"creation_timestamp": "2025-09-19T02:00:05.594421Z",
"deletion_timestamp": null,
"modification_timestamp": null,
"initializers": null,
"finalizers": [
],
"tenant": "acmecorp",
"creator_class": "examplesvc",
"creator_id": "examplesvc",
"object_index": 0,
"owner_view": null,
"labels": {
}
},
"spec": {
"action": {
"simple_action": "ALLOW"
},
"port": [
],
"ip_prefix_set": {
"ref": [
{
"kind": "ip_prefix_set",
"uid": "ffffffff-ffff-ffff-ffff-ffffffffffff",
"tenant": "acmecorp",
"namespace": "system",
"name": "acmecorp-white-list"
}
]
}
}
}
Copied!