It is time to say goodbye: This version of Elastic Cloud Enterprise has reached end-of-life (EOL) and is no longer supported.
The documentation for this version is no longer being maintained. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Filter IP traffic
editFilter IP traffic
editAfter you have defined your rule sets at the platform level, now you must associate them with deployments. You can apply multiple rule sets to each deployment and manage those associations at the deployment level.
Internal traffic between Kibana instances, APM Servers, and the Elasticsearch clusters is automatically allowed.
Filter traffic for deployments at 5.x or later
editYou can add IP filtering associations through the UI or the API for deployments at version 5.x or later.
- Log into the Cloud UI.
-
From the Deployments page, select your deployment.
Narrow the list by name, ID, or choose from several other filters. To further define the list, use a combination of filters.
- From your deployment menu, select Security.
- Click Apply rule set and then select the sets that you want.
- If the deployment had an existing Kibana instance, you must restart it.
All other traffic is now blocked.
Filter traffic for 2.4.6 deployments
editManage the IP filtering associations for deployments at version 2.4.6 through the API.
-
Get the rule set ID:
curl -X GET -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/rulesets
-
Get the cluster ID from the string at the end of the deployment page URL or use the API:
curl -X GET -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/clusters/elasticsearch
-
Associate the rule set by running:
curl -X POST -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/rulesets/RULE_SET_ID/associations -H 'content-type: application/json' -d '{ "entity_type": "cluster", "id": "CLUSTER-ID" }'
-
RULE_SET_ID
- The rule set ID returned from step 1
-
CLUSTER-ID
- The cluster or deployment ID from step 2
-
Remove an association
editYou can remove a rule set association from a deployment use the UI or API. When all sets are gone, the deployment inbound traffic is unrestricted again.
To remove an association through the Cloud UI:
- Go to the deployment.
- On the Security page, under Action simply click the X.
To remove an association through the API:
-
Identify all rule sets associated with the deployment:
curl -X GET -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/associations/cluster/CLUSTER_ID/rulesets
-
For each rule set, run:
curl -X DELETE -u USERNAME:PASSWORD https://ECE_HOST:12433/api/v1/deployments/ip-filtering/rulesets/RULE_SET_ID/associations/cluster/CLUSTER_ID
If you want to remove the rule set from the platform, you’ll need remove all associations and then delete it.