cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrija Panic <andrija.pa...@gmail.com>
Subject Re: Automating creation of ACLs
Date Fri, 03 May 2019 16:04:24 GMT
Hi Andrei,

I didn't claim that work actually - did you test it,  does it actually
works (if I understand correctly - you want in single rule to specify
multiple CIDR ranges instead of creating a rule for each CIDR range in
question) ?

Best,


On Fri, 3 May 2019 at 17:36, Andrei Mikhailovsky <andrei@arhont.com.invalid>
wrote:

> Hi Andrija,
>
> I wasn't aware the API supports creating ACLs with multiple networks / IP
> addresses.
>
> Andrei
>
> ----- Original Message -----
> > From: "Andrija Panic" <andrija.panic@gmail.com>
> > To: "users" <users@cloudstack.apache.org>
> > Sent: Friday, 3 May, 2019 16:11:37
> > Subject: Re: Automating creation of ACLs
>
> > Hi Andrei,
> >
> > perhaps I got something wrong, but why don't you use API to create needed
> > ACL rules ?
> >
> > Andrija
> >
> > On Fri, 3 May 2019 at 17:04, Andrei Mikhailovsky
> <andrei@arhont.com.invalid>
> > wrote:
> >
> >> Hello everyone,
> >>
> >> I have come across a need to create an ACLs that includes around 100
> >> different IP addresses and network ranges for several services. Now,
> >> looking at the ACS gui, there is currently no way that I could find to
> >> create an ACL with multiple IP addresses / network ranges. Not sure why
> >> this hasn't been implemented.
> >>
> >> I am looking at a way to automate the creation of ACLs with CloudStack
> >> where ideally I could feed it a list of IP addresses and it would do its
> >> job at creating the ACLs. Otherwise it will take a day and sanity to do
> it
> >> manually.
> >>
> >> I am sure I am not the only one in the ACS community that requires a
> large
> >> set of ACLs. Could someone share their scripts / methods of achieving
> this?
> >>
> >> Thanks
> >>
> >> Andrei
> >>
> >
> >
> > --
> >
> > Andrija Panić
>


-- 

Andrija Panić

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message