Hi Andrija, I've setup the CloudMonkey on my local host and done some experimentation. It turns out that the API does support specifying multiple ips/networks per single ACL. The gui reflects this and shows a comma separated list. So, it looks like I can do everything I want from the CloudMonkey.
what I've not tested is that it actually works and creates the fw rule on the virtual router. I will test that later on and revert back. Cheers ----- Original Message ----- > From: "Andrija Panic" <[email protected]> > To: "users" <[email protected]> > Sent: Friday, 3 May, 2019 17:04:24 > Subject: Re: Automating creation of ACLs > Hi Andrei, > > I didn't claim that work actually - did you test it, does it actually > works (if I understand correctly - you want in single rule to specify > multiple CIDR ranges instead of creating a rule for each CIDR range in > question) ? > > Best, > > > On Fri, 3 May 2019 at 17:36, Andrei Mikhailovsky <[email protected]> > wrote: > >> Hi Andrija, >> >> I wasn't aware the API supports creating ACLs with multiple networks / IP >> addresses. >> >> Andrei >> >> ----- Original Message ----- >> > From: "Andrija Panic" <[email protected]> >> > To: "users" <[email protected]> >> > Sent: Friday, 3 May, 2019 16:11:37 >> > Subject: Re: Automating creation of ACLs >> >> > Hi Andrei, >> > >> > perhaps I got something wrong, but why don't you use API to create needed >> > ACL rules ? >> > >> > Andrija >> > >> > On Fri, 3 May 2019 at 17:04, Andrei Mikhailovsky >> <[email protected]> >> > wrote: >> > >> >> Hello everyone, >> >> >> >> I have come across a need to create an ACLs that includes around 100 >> >> different IP addresses and network ranges for several services. Now, >> >> looking at the ACS gui, there is currently no way that I could find to >> >> create an ACL with multiple IP addresses / network ranges. Not sure why >> >> this hasn't been implemented. >> >> >> >> I am looking at a way to automate the creation of ACLs with CloudStack >> >> where ideally I could feed it a list of IP addresses and it would do its >> >> job at creating the ACLs. Otherwise it will take a day and sanity to do >> it >> >> manually. >> >> >> >> I am sure I am not the only one in the ACS community that requires a >> large >> >> set of ACLs. Could someone share their scripts / methods of achieving >> this? >> >> >> >> Thanks >> >> >> >> Andrei >> >> >> > >> > >> > -- >> > >> > Andrija Panić >> > > > -- > > Andrija Panić
