IP-Filtering API not showing rulesets

logger · October 29, 2019, 10:36am

Hi there,

I am currently trying to script a few things for our ECE.
Right now I am hurdling with the API for IP-filtering.

curl -k -X GET -H "Authorization: Bearer mytoken" https://localhost:12443/api/v1/deployments/ip-filtering/rulesets
{
"rulesets": [*]
}

I have a few rulesets created via the UI and I am able to put it manually to the deployments. But I need to script it. Is there a bug or am I doing it wrong.

Greetings
Malte

Alex_Piggott · October 29, 2019, 4:34pm

Hi @logger

in your example, that -X GET should be -X POST I think?

If that fails, can you show exactly what call you made and what the API replied (use ``` to avoid getting crazy markdown artefacts in your code!)

Alex

logger · October 29, 2019, 4:44pm

Hi
I used https://www.elastic.co/guide/en/cloud-enterprise/current/ece-filter-ip-traffic.html#ece-filter-ip-traffic for the example.

curl -X GET -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/rulesets

instead of username and Password I first created a token. And a wrong port is given in the docs I think. shouldn´t it be 12443 not 12433?

and the Response to curl -X GET -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/rulesets
is

{
  "rulesets": []
}

Alex_Piggott · October 29, 2019, 5:32pm

Apologies I misread the first post and thought you were trying to write to that endpoint, my bad.

We're looking into it now (and yes 12443 is correct, that's a typo in the docs, thanks for pointing out)

Alex_Piggott · October 29, 2019, 6:25pm

Did you say the UI was showing the rulesets?

If so, navigate to the /region/ece-region/security page, and bring up the network console in the browser.

You should see a call like /api/v1/regions/ece-region/deployments/ip-filtering/rulesets?include_associations=true

Try curling that from the command line? If that works, try removing include_associations. Are you the same user when logging in via the UI as you are from the API?

logger · October 30, 2019, 6:42am

This is it. I was logged in as my private user but tried to curl with the admin user.

My user is in the platform-admin role. Why are the rulesets not visible for other admins?

If I try curling with my user I get
{"errors":[{"code":"root.unauthenticated","message":"The supplied authentication is invalid"}]}
I double checked my username and password. It is working in the UI but not with curl.

Alex_Piggott · October 31, 2019, 7:26pm

Sounds like a bug, I'm going to raise it internally. Can you use the same user as a workaround in the meantime

system · November 14, 2019, 7:26pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
IP Filter on Cloud UI Elastic Cloud Enterprise (ECE)	2	655	November 20, 2019
Access restrictions Elastic Cloud Enterprise (ECE)	2	769	March 15, 2018
Removing failed ECE deployments in Cloud UI Elastic Cloud Enterprise (ECE)	5	1383	August 13, 2019
API Key, IP Filtering on ECE Elastic Cloud Enterprise (ECE) elastic-stack-security	3	801	November 28, 2019
Ip filtering on elastic cloud Endpoint Security	2	664	March 3, 2020

IP-Filtering API not showing rulesets

Related topics