tencent cloud

Feedback

IP Access Control

Last updated: 2023-12-22 09:59:35

    Overview

    IP access control is a security protection capability provided by API Gateway. It is mainly used to restrict the source IPs of API callers. You can allow/reject API requests from a certain source by configuring the IP allowlist/blocklist of an API.
    Note:
    The original IP access control policy data has been migrated to the IP access control plugin, which can be managed on the Plugin page.

    Directions

    Step 1. Create the plugin

    1. Log in to the API Gateway console.
    2. Click Plugin on the left sidebar to open the plugin list page.
    3. Click Create in the top-left corner to create an IP access control plugin.
    
    
    

    Step 2. Bind an API and make the plugin effective

    1. Select the just created plugin in the list and click Bind API in the Operation column.
    2. In the Bind API pop-up window, select the service, environment, and the API to which the plugin needs to be bound.
    
    
    
    3. Click OK to bind the plugin to the API. At this time, the configuration of the plugin has taken effect for the API.

    PluginData

    {
    "type":"white_list", // IP access control type. Valid values: white_list: allowlist; black_list: blocklist
    "blocks":"1.1.1.1\\n1.1.1.0/24" // IP ranges separated with `\\n`
    "descriptions":{"1.1.1.1":"desc", "1.1.1.0/24":"desc"} // IP description, which is optional
    }
    

    Notes

    The IP access control plugin supports blocklist and allowlist modes. When the allowlist is used, requests from IPs not in the allowlist will be rejected by API Gateway; when the blocklist is used, requests from IPs in the blocklist will be rejected by API Gateway.
    Multiple IPs or CIDR blocks can be entered in the IP access control plugin, which should be separated with semicolons.
    You can add descriptions to IPs in the IP access control plugin in the descriptions field, which is optional.

    Limits

    Currently, a shared instance does not support access control of client IPs on the private network.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support