IP-Filtering API not showing rulesets

Hi there,

I am currently trying to script a few things for our ECE.
Right now I am hurdling with the API for IP-filtering.

curl -k -X GET -H "Authorization: Bearer mytoken" https://localhost:12443/api/v1/deployments/ip-filtering/rulesets
{
"rulesets":
}

I have a few rulesets created via the UI and I am able to put it manually to the deployments. But I need to script it. Is there a bug or am I doing it wrong.

Greetings
Malte

Hi @logger

in your example, that -X GET should be -X POST I think?

If that fails, can you show exactly what call you made and what the API replied (use ``` to avoid getting crazy markdown artefacts in your code!)

Alex

Hi
I used https://www.elastic.co/guide/en/cloud-enterprise/current/ece-filter-ip-traffic.html#ece-filter-ip-traffic for the example.

curl -X GET -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/rulesets

instead of username and Password I first created a token. And a wrong port is given in the docs I think. shouldn´t it be 12443 not 12433?

and the Response to curl -X GET -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/rulesets
is

{
  "rulesets": []
}

Apologies I misread the first post and thought you were trying to write to that endpoint, my bad.

We're looking into it now (and yes 12443 is correct, that's a typo in the docs, thanks for pointing out)

Did you say the UI was showing the rulesets?

If so, navigate to the /region/ece-region/security page, and bring up the network console in the browser.

You should see a call like /api/v1/regions/ece-region/deployments/ip-filtering/rulesets?include_associations=true

Try curling that from the command line? If that works, try removing include_associations. Are you the same user when logging in via the UI as you are from the API?

This is it. I was logged in as my private user but tried to curl with the admin user.

My user is in the platform-admin role. Why are the rulesets not visible for other admins?

If I try curling with my user I get
{"errors":[{"code":"root.unauthenticated","message":"The supplied authentication is invalid"}]}
I double checked my username and password. It is working in the UI but not with curl.

Sounds like a bug, I'm going to raise it internally. Can you use the same user as a workaround in the meantime

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.