Learn how to configure the Trusted IP List, which is a list of trusted IP addresses
that are allowed to access your tenant. You can add, delete, and unlock access.
Where Can I Use This? | What Do
I Need? |
|
IAM role of
Superuser, Multitenant Superuser, Multitenant IAM Admin,
or any custom role with the "Trusted IP List" permission
set
|
Cloud-delivered applications offer the convenience of accessibility from anywhere in
the world. However, this allows for exposure to risks such as access using stolen
credentials, dictionary attacks, and other forms of brute-force attacks to gain
access to the applications.
While
Identity and Access Management mitigates
some of this risk, you can use Trusted IP Lists to further restrict access to your
applications by specifying IP addresses that are allowed on a per tenant basis.
By default, during the creation of a new tenant, access is allowed to both the web interface and
the API from any IP address. The Trusted IP List is a list of trusted IP addresses
that are allowed to access a tenant. You can use a Trusted IP List to limit access
to a single tenant, or you can use it to limit access to a parent tenant and its
children in a multitenant hierarchy. In a multitenant hierarchy, you add the Trusted
IP List on the parent tenant, the list gets inherited from the parent tenant to its
child tenants, and is enforced from the top-down.
How to Manage a Trusted IP List from Strata Cloud Manager | How to Manage a Trusted IP List from the hub |
To manage a Trusted IP List from Strata Cloud Manager,
select .
You can manage Trusted IP Lists from Strata Cloud Manager
and the Strata Cloud Manager web interface and API will
allow access to only those trusted IPs.
|
To manage a Trusted IP List from the hub,
select .
You can manage Trusted IP Lists from the hub,
but the hub is exempt from the trusted IP
enforcement, so your access to the hub is
not restricted to the trusted IPs. If your IP address gets
blocked from a tenant on Strata Cloud Manager that you
should have access to, you can go to the hub
and unlock your
access if you have the listed permissions.
|