Configure Access Control Lists

API only: This feature is currently only available via API.

Prerequisites

• CURL
• An access token from the STACKIT Portal.
• Setting up the environmental variables to run the following CURL commands:

export AUTH_TOKEN=<your_access_token>
export PROJECT_ID=<your_project_id>
export INSTANCE_ID=<your_instance_id>

How to create a new entry in the Access Control List

To add a new range to the ACL, call the ACL endpoint with the POST method and provide a JSON body describing the IP address range that should be added.

curl -X POST -H "Authorization: Bearer $AUTH\_TOKEN" -H "Content-Type: application/json" -d '{"cidr": "127.0.0.0/24"}' https://secrets-manager.api.eu01.stackit.cloud/v1/projects/$PROJECT\_ID/instances/$INSTANCE\_ID/acls

This new entry will be assigned to an ID to be able to address it.

How to list the Access Control List

The ACL can be fetched using the ACL’s endpoint in the API.

curl -X GET -H "Authorization: Bearer $AUTH\_TOKEN" https://secrets-manager.api.eu01.stackit.cloud/v1/projects/$PROJECT\_ID/instances/$INSTANCE\_ID/acls

This will result in a JSON response looking like this:

{ "acls": [ { "id": "1e903a0c-e44a-4224-9f1f-ec849d010d01" "cidr": "127.0.0.0/24" },... ] }

How to update an entry in the Access Control List

To change an existing entry in the ACL call the ACL’s endpoint with the PUT method and ID of the ACL entry to overwrite the corresponding entry.

curl -X PUT -H "Authorization: Bearer $AUTH\_TOKEN" -H "Content-Type: application/json" -d '{"cidr": "127.0.0.0/25"}' https://secrets-manager.api.eu01.stackit.cloud/v1/projects/$PROJECT\_ID/instances/$INSTANCE\_ID/acls/

How to delete an entry from the Access Control List

To delete an entry from the ACL call the ACL’s endpoint with the DELETE method and the ID of the ACL entry in scope.

curl -X DELETE -H "Authorization: Bearer $AUTH\_TOKEN" https://secrets-manager.api.eu01.stackit.cloud/v1/projects/$PROJECT\_ID/instances/$INSTANCE\_ID/acls/