Hello everyone, I hope everything is well with you. I was wondering how I could dynamically whitelist IP addresses using access control as in my current scenarios. What I'm doing is creating a kvm and storing the IP in a variable, then retrieving this IP from the kvm and storing it in a variable, then passing this variable to the access entity policy, however this is just for a single IP;
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<KeyValueMapOperations async="false" continueOnError="false" enabled="true" name="Key-Value-Map-Operations-1" mapIdentifier="Dynamic_IP">
<DisplayName>Key Value Map Operations-1</DisplayName>
<Properties/>
<ExclusiveCache>false</ExclusiveCache>
<ExpiryTimeInSecs>300</ExpiryTimeInSecs>
<Get assignTo="ip">
<Key>
<Parameter>kvm.ip.value</Parameter>
</Key>
</Get>
<Get assignTo="i">
<Key>
<Parameter>ip1</Parameter>
</Key>
</Get>
<Scope>environment</Scope>
</KeyValueMapOperations>
and then I use access entity polices
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AccessControl async="false" continueOnError="false" enabled="true" name="Access-Control-1">
<DisplayName>Access Control-1</DisplayName>
<Properties/>
<IPRules noRuleMatchAction="ALLOW">
<MatchRule action="DENY">
<SourceAddress mask="32">{ip}</SourceAddress>
</MatchRule>
</IPRules>
</AccessControl>
but how can I whitelist 100s of IPs? I am happy to create 100s of entry of in the same KVM but the thing is that how can i fetch all the 100s of kvm entries(IP) at a time, If we create 100s of variable in the KVM policy that would be tricky and might be cause of problematics I don't want to create separate variable for separate KVM entries in the Policy.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |