ves-io-schema-fast_acl-API-Create

Examples of creating fast_acl

Usecase:

Create acmecorp-fast-acl to allow access to all VIPs in site from white list

Request using vesctl:

vesctl configuration create fast_acl -i fast_acl.yaml

where file fastacl.yaml has following contents (fastacl.CreateRequest):

metadata:
  name: acmecorp-fast-acl
  namespace: system
spec:
  legacyAcl:
    destinationType:
      vipServices: {}
    networkType:
      siteLocal: {}
    sourceRules:
    - name: fast-acl-rule-white-list
      namespace: system
      tenant: acmecorp

vesctl yaml response:

metadata:
  annotations: {}
  labels: {}
  name: acmecorp-fast-acl
  namespace: system
spec: {}
systemMetadata:
  creationTimestamp: "2021-02-22T15:43:49.810016500Z"
  creatorClass: examplesvc
  creatorId: examplesvc
  finalizers: []
  tenant: acmecorp
  uid: ac0d08c6-33ed-4d18-9c00-783016c72d95

Request using curl:

curl -X 'POST' -d '{"metadata":{"name":"acmecorp-fast-acl","namespace":"system"},"spec":{"legacyAcl":{"networkType":{"siteLocal":{}},"destinationType":{"vipServices":{}},"sourceRules":[{"tenant":"acmecorp","namespace":"system","name":"fast-acl-rule-white-list"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build817539475_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acls'

curl response:

HTTP/1.1 200 OK
Content-Length: 623
Content-Type: application/json
Date: Mon, 22 Feb 2021 15:43:49 GMT
Vary: Accept-Encoding

{
  "metadata": {
    "name": "acmecorp-fast-acl",
    "namespace": "system",
    "labels": {
    },
    "annotations": {
    },
    "description": "",
    "disable": false
  },
  "system_metadata": {
    "uid": "ac0d08c6-33ed-4d18-9c00-783016c72d95",
    "creation_timestamp": "2021-02-22T15:43:49.810016500Z",
    "deletion_timestamp": null,
    "modification_timestamp": null,
    "initializers": null,
    "finalizers": [
    ],
    "tenant": "acmecorp",
    "creator_class": "examplesvc",
    "creator_id": "examplesvc",
    "object_index": 0,
    "owner_view": null
  },
  "spec": {
    "protocol_policer": null
  }
}

Usecase:

Create fast-acl-1234vip to protect single destination IP

Request using vesctl:

vesctl configuration create fast_acl -i fast_acl.yaml

where file fastacl.yaml has following contents (fastacl.CreateRequest):

metadata:
  name: fast-acl-1234vip
  namespace: system
spec:
  legacyAcl:
    destinationType:
      vipServices: {}
    networkType:
      siteLocal: {}
    sourceRules:
    - name: fast-acl-1234vip-rule1
      namespace: system
      tenant: acmecorp
    - name: fast-acl-1234vip-rule2
      namespace: system
      tenant: acmecorp

vesctl yaml response:

metadata:
  annotations: {}
  labels: {}
  name: fast-acl-1234vip
  namespace: system
spec: {}
systemMetadata:
  creationTimestamp: "2021-02-22T15:43:49.815721900Z"
  creatorClass: examplesvc
  creatorId: examplesvc
  finalizers: []
  tenant: acmecorp
  uid: c5d4bb1f-9067-4767-8477-af04b629acf1

Request using curl:

curl -X 'POST' -d '{"metadata":{"name":"fast-acl-1234vip","namespace":"system"},"spec":{"legacyAcl":{"networkType":{"siteLocal":{}},"destinationType":{"vipServices":{}},"sourceRules":[{"tenant":"acmecorp","namespace":"system","name":"fast-acl-1234vip-rule1"},{"tenant":"acmecorp","namespace":"system","name":"fast-acl-1234vip-rule2"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build817539475_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acls'

curl response:

HTTP/1.1 200 OK
Content-Length: 622
Content-Type: application/json
Date: Mon, 22 Feb 2021 15:43:49 GMT
Vary: Accept-Encoding

{
  "metadata": {
    "name": "fast-acl-1234vip",
    "namespace": "system",
    "labels": {
    },
    "annotations": {
    },
    "description": "",
    "disable": false
  },
  "system_metadata": {
    "uid": "c5d4bb1f-9067-4767-8477-af04b629acf1",
    "creation_timestamp": "2021-02-22T15:43:49.815721900Z",
    "deletion_timestamp": null,
    "modification_timestamp": null,
    "initializers": null,
    "finalizers": [
    ],
    "tenant": "acmecorp",
    "creator_class": "examplesvc",
    "creator_id": "examplesvc",
    "object_index": 0,
    "owner_view": null
  },
  "spec": {
    "protocol_policer": null
  }
}