Using the service-ip-allowlist commands
You can use the service-ip-allowlist commands to add, remove, and list
the IP addresses on your Developer Portal
allowlist
. IP addresses that are on the allowlist
are exempt from
being blocked by Developer Portal
security checks, for example, load balancer and proxy IPs.
- Log in as Cloud manager:
apic login --server management_server --realm admin/identity_provider --username admin --password cloud_password
You can determine which identity provider to use in the--realm
parameter by entering the following command to see a list of all available identity providers (you do not need to be logged in to use this command):
For example:apic identity-providers:list --scope admin --server mgmt_endpoint_url --fields title,realm
Theapic identity-providers:list --scope admin --server myserver.com --fields title,realm total_results: 2 results: - title: Cloud Manager User Registry realm: admin/default-idp-1 - title: Corporate LDAP user registry realm: admin/corporate-ldap
title
value should enable you to determine which identity provider to use; you can then copy the corresponding--realm
parameter directly from the displayedrealm
value. For any identity providers that were created by your administrator after API Connect was installed, the names will have been determined at creation time. The default Cloud Manager Local User Registry for login as a member of the cloud administration organization isdefault-idp-1
.For full details of the
apic login
command, see Logging in to a management server. - Add one or more IP addresses to the
allowlist
:apic --mode portaladmin service-ip-allowlist:add --server management_server --portal_service_name portal --ips "list_of_ips"
management_server
is the endpoint URL of the management server.portal
is the name of the portal service.list_of_ips
is a comma separated list of the IP addresses that you want to add to theallowlist
.
apic --mode portaladmin service-ip-allowlist:add --server my.management.server.com --portal_service_name my_portal_service --ips "123.456.34.56,123.456.46.67" Successfully added IP: 123.456.34.56. Successfully added IP: 123.456.46.67.
- Delete all of the IP addresses that are currently on the
allowlist
:apic --mode portaladmin service-ip-allowlist:delete --server management_server --portal_service_name portal
- List all of the IP addresses that are currently on the
allowlist
:apic --mode portaladmin service-ip-allowlist:list --server management_server --portal_service_name portal
- Remove one or more IP addresses from the
allowlist
:apic --mode portaladmin service-ip-allowlist:remove --server management_server --portal_service_name portal --ips "list_of_ips"