Updates the IP address whitelist for access to the Kibana console of a specified Elasticsearch cluster.
Usage notes
- Before you call this operation, make sure that the instance is not in the activating, invalid, or inactive state.
- You can update the whitelist in two ways: IP address whitelist list and IP address
whitelist group. The two methods cannot be used at the same time. In addition to InstanceId
and clientToken, the two methods support different parameters, as follows:
- IP address whitelist list: kibanaIPWhitelist
- IP address whitelist groups: modifyMode and whiteIpGroup
- Public network access whitelists do not support configuring private IP addresses. Private network access whitelists do not support configuring public IP addresses.
Debugging
Request headers
This operation uses only common request headers. For more information, see Common request headers.
Request syntax
PATCH|POST /openapi/instances/{InstanceId}/kibana-white-ips HTTP/1.1
Request parameters
Parameter | Type | Position | Required | Example | Description |
---|---|---|---|---|---|
InstanceId | String | Path | Yes | es-cn-tl329rbpc0001**** |
The ID of the instance. |
clientToken | String | Query | No | 5A2CFF0E-5718-45B5-9D4D-70B3FF**** |
The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must make sure that it is unique among different requests. The token can contain only ASCII characters and cannot exceed 64 characters in length. |
modifyMode | String | Query | No | Cover |
The modification method. Valid values:
|
Object | Body | No |
The body of the request. |
||
kibanaIPWhitelist | Array of String | Body | No | ["110.0.XX.XX/8"] |
The list of IP address whitelists. This parameter is available if whiteIpGroup is left empty. The value of this parameter updates the IP address whitelist configurations in the Default whitelist group. You cannot configure both kibanaIPWhitelist and whiteIpGroup. |
whiteIpGroup | Object | Body | No |
You can use a whitelist group to update the configuration of a Kibana whitelist. You can update only one whitelist group. You cannot configure both kibanaIPWhitelist and whiteIpGroup. |
|
groupName | String | Body | No | test_group_name |
The group name of the whitelist group. This parameter is required if the whiteIpGroup parameter is optional. |
whiteIpType | String | Body | No | PUBLIC_KIBANA |
The type of the whitelist. Only PUBLIC_KIBANA (public network whitelist) is supported. |
ips | Array of String | Body | No | ["0.0.0.0", "10.2.XX.XX"] |
The list of IP addresses in the whitelist group. This parameter is required if the whiteIpGroup parameter is optional. |
- If the modifyMode parameter is set to Cover, the whitelist group is deleted if ips is empty. If groupName is not in the list of existing whitelist group names, a whitelist group is created.
- If the modifyMode parameter is set to Delete, you must retain at least one IP address for the deleted ips.
- If the modifyMode parameter is set to Append, make sure that the whitelist group name has been created. Otherwise, the NotFound error message appears.
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
RequestId | String | E5EF11F1-DBAE-4020-AC24-DFA6C4345CAE |
The ID of the request. |
Result | Object |
Returns the details of the corresponding Elasticsearch instance. |
|
kibanaPrivateIPWhitelist | Array of String | [ "192.168.XX.XX/24" ] |
The list of Kibana private network access whitelists. |
kibanaIPWhitelist | Array of String | ["0.0.XX.XX", "10.2.XX.XX", "110.0.XX.XX/9"] |
The list of Kibana access whitelists. |
networkConfig | Object |
The network configuration information. |
|
vpcId | String | vpc-bp1jy348ibzulk6hn**** |
The ID of the virtual private cloud (VPC). |
vswitchId | String | vsw-bp1a0mifpletdd1da**** |
The ID of the vSwitch to which the instance is connected. |
vsArea | String | cn-hangzhou-h |
The ID of region in which you want to create the instance. |
type | String | vpc |
The network type of the instance. Valid values: |
whiteIpGroupList | Array of whiteIpGroupList |
The list of whitelists. |
|
groupName | String | test_group_name |
The name of the whitelist group. |
ips | Array of String | ["0.0.0.0", "10.2.XX.XX"] |
The list of IP addresses in the whitelist group. |
whiteIpType | String | PUBLIC_KIBANA |
The type of the whitelist. |
Examples
Sample requests
PATCH /openapi/instances/es-cn-tl329rbpc0001****/kibana-white-ips HTTP/1.1
Host:elasticsearch.aliyuncs.com
Content-Type:application/json
{
"kibanaIPWhitelist": [
"110.0.XX.XX/8"
]
}
Or
{
"whiteIpGroup": {
"groupName": "test_group_name",
"ips": [
"0.0.0.0",
"10.2.XX.XX"
]
}
}
Sample responses
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"Result" : {
"instanceId" : "es-cn-tl329rbpc0001****",
"version" : "7.10.0_with_X-Pack",
"description" : "lrr",
"nodeAmount" : 0,
"paymentType" : "postpaid",
"status" : "active",
"privateNetworkIpWhiteList" : [ "11.22.XX.XX", "0.0.XX.XX/0" ],
"enablePublic" : false,
"nodeSpec" : { },
"dataNode" : false,
"networkConfig" : {
"vpcId" : "vpc-bp1jy348ibzulk6hn****",
"vswitchId" : "vsw-bp1a0mifpletdd1da****",
"vsArea" : "cn-hangzhou-h",
"whiteIpGroupList" : [ {
"groupName" : "default",
"ips" : [ "0.0.XX.XX/0", "11.22.XX.XX" ],
"whiteIpType" : "PRIVATE_ES"
}, {
"groupName" : "default",
"ips" : [ "110.0.XX.XX/9" ],
"whiteIpType" : "PUBLIC_KIBANA"
}, {
"groupName" : "default",
"ips" : [ "192.168.XX.XX/24" ],
"whiteIpType" : "PRIVATE_KIBANA"
}, {
"groupName" : "test_group_name",
"ips" : [ "0.0.XX.XX", "10.2.XX.XX" ],
"whiteIpType" : "PUBLIC_KIBANA"
} ],
"type" : "vpc"
},
"createdAt" : "2021-07-21T01:29:38.510Z",
"updatedAt" : "2021-07-21T06:12:12.370Z",
"commodityCode" : "elasticsearch",
"extendConfigs" : [ {
"configType" : "usageScenario",
"value" : "log"
}, {
"configType" : "maintainTime",
"maintainStartTime" : "02:00Z",
"maintainEndTime" : "06:00Z"
}, {
"configType" : "aliVersion",
"aliVersion" : "ali1.4.0"
}, {
"configType" : "followCube",
"followClusterEnabled" : true
} ],
"endTime" : 4782556800000,
"clusterTasks" : [ ],
"vpcInstanceId" : "es-cn-tl329rbpc0001****-worker",
"resourceGroupId" : "rg-acfmxxkk2p7****",
"zoneCount" : 1,
"protocol" : "HTTP",
"zoneInfos" : [ {
"zoneId" : "cn-hangzhou-h",
"status" : "NORMAL"
} ],
"instanceType" : "elasticsearch",
"inited" : true,
"tags" : [ {
"tagKey" : "acs:rm:rgId",
"tagValue" : "rg-acfmxxkk2p7****"
} ],
"serviceVpc" : true,
"domain" : "es-cn-tl329rbpc0001****.elasticsearch.aliyuncs.com",
"port" : 9200,
"esVersion" : "7.10.0_with_X-Pack",
"esConfig" : {
"action.destructive_requires_name" : "true",
"xpack.watcher.enabled" : "false",
"action.auto_create_index" : "+.*,-*"
},
"esIPWhitelist" : [ "11.22.XX.XX", "0.0.XX.XX/0" ],
"esIPBlacklist" : [ ],
"kibanaProtocol" : "HTTPS",
"kibanaIPWhitelist" : [ "0.0.0.0", "10.2.XX.XX", "110.0.XX.XX/9" ],
"kibanaPrivateIPWhitelist" : [ "192.168.XX.XX/24" ],
"publicIpWhitelist" : [ ],
"kibanaDomain" : "es-cn-tl329rbpc0001****.kibana.elasticsearch.aliyuncs.com",
"kibanaPort" : 5601,
"kibanaPrivateDomain" : "es-cn-tl329rbpc0001****-kibana.internal.elasticsearch.aliyuncs.com",
"kibanaPrivatePort" : 5601,
"haveKibana" : true,
"instanceCategory" : "IS",
"dedicateMaster" : false,
"advancedDedicateMaster" : false,
"masterConfiguration" : { },
"haveClientNode" : false,
"warmNode" : true,
"warmNodeConfiguration" : {
"spec" : "elasticsearch.d1.2xlarge",
"amount" : 3
},
"clientNodeConfiguration" : { },
"kibanaConfiguration" : {
"spec" : "elasticsearch.n4.small",
"amount" : 1,
"disk" : 0
},
"elasticDataNodeConfiguration" : { },
"haveElasticDataNode" : false,
"dictList" : [ {
"name" : "SYSTEM_MAIN.dic",
"fileSize" : 2782602,
"sourceType" : "ORIGIN",
"type" : "MAIN"
}, {
"name" : "SYSTEM_STOPWORD.dic",
"fileSize" : 132,
"sourceType" : "ORIGIN",
"type" : "STOP"
} ],
"synonymsDicts" : [ ],
"ikHotDicts" : [ ],
"aliwsDicts" : [ ],
"haveGrafana" : false,
"haveCerebro" : false,
"enableKibanaPublicNetwork" : true,
"enableKibanaPrivateNetwork" : true,
"advancedSetting" : {
"gcName" : "CMS"
},
"enableMetrics" : true,
"readWritePolicy" : {
"writeHa" : false
}
},
"RequestId" : "E815C5C9-E82D-4B10-BDE0-D25340C2ACEF"
}
Error codes
For a list of error codes, visit the API Error Center.