|
| 1 | +--- |
| 2 | +meta: |
| 3 | + title: Managing allowed IP addresses for Kubernetes products |
| 4 | + description: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions with our step-by-step guide. |
| 5 | +content: |
| 6 | + h1: Managing allowed IP addresses for Kubernetes products |
| 7 | + paragraph: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions with our step-by-step guide. |
| 8 | +tags: kubernetes kapsule kosmos |
| 9 | +dates: |
| 10 | + validation: 2024-12-24 |
| 11 | + posted: 2024-12-24 |
| 12 | +categories: |
| 13 | + - containers |
| 14 | +--- |
| 15 | + |
| 16 | +Restricting IPs on Kubernetes Kapsule or Kosmos clusters enhances security by limiting access to only trusted sources. Since only IP addresses and networks specified by you can interact with your clusters, you reduce the risk of unauthorized access and potential attacks. |
| 17 | + |
| 18 | +The default entry `0.0.0.0/0` enables any host to establish a connection. |
| 19 | + |
| 20 | +<Macro id="requirements" /> |
| 21 | + |
| 22 | +- A Scaleway account logged into the [Scaleway console](https://console.scaleway.com) |
| 23 | +- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing actions in the intended Organization |
| 24 | +- [Created](/containers/kubernetes/how-to/create-cluster) a Kubernetes Kapsule or Kosmos cluster |
| 25 | + |
| 26 | +<Message type="note"> |
| 27 | + Allowed IP configuration is available for public networks only. |
| 28 | +</Message> |
| 29 | + |
| 30 | +## How to add an IP address |
| 31 | + |
| 32 | +1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes dashboard** appears. |
| 33 | +2. Select the cluster you wish to configure. The **Cluster information** page opens. |
| 34 | +3. Click the **Network** tab to display your cluster's network information. Your access control list appears in the **Allowed IPs for control plane** section. |
| 35 | +4. Click **Add allowed IP**. Enter the IP address or IP block in [CIDR notation](/network/ipam/concepts/#cidr-notation) (e.g., `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block), then click **Add IP(s)**. |
| 36 | + <Message type="note"> |
| 37 | + To restore default settings and allow connections from all IPs, add `0.0.0.0/0` to the list. |
| 38 | + </Message> |
| 39 | + |
| 40 | +<Message type="important"> |
| 41 | + For **Kosmos** multi-cloud clusters, allow connections from all Scaleway IP subnets to ensure proper functionality. Access from these IPs cannot be restricted. Refer to our [peering information](https://www.scaleway.com/en/peering/) for details on all Scaleway IP prefixes. |
| 42 | +</Message> |
| 43 | + |
| 44 | +## How to delete an IP address |
| 45 | + |
| 46 | +1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes dashboard** appears. |
| 47 | +2. Select the cluster you wish to configure. The **Cluster information** page opens. |
| 48 | +3. Click the **Network** tab to display your cluster's network information. Your access control list appears in the **Allowed IPs for control plane** section. |
| 49 | +4. Locate the IP address in your allowed list. |
| 50 | +5. Click <Icon name="delete" /> next to the IP you want to delete. Confirm by typing **DELETE** in the pop-up, then click **Delete allowed IP** to confirm deletion. |
0 commit comments