feat(k8s): add acl docs

bene2k1 · bene2k1 · commit 1c8dccc7490f · 2024-07-10T11:33:49.000+02:00
diff --git a/containers/kubernetes/how-to/manage-allowed-ips.mdx b/containers/kubernetes/how-to/manage-allowed-ips.mdx
@@ -0,0 +1,49 @@
+---
+meta:
+  title: Managing allowed IP addresses for Kubernetes products
+  description: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions efficiently with our step-by-step guide.
+content:
+  h1: Managing allowed IP addresses for Kubernetes products
+  paragraph: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions efficiently with our step-by-step guide.
+tags: kubernetes kapsule kosmos
+dates:
+  validation: 2024-07-10
+  posted: 2024-07-10
+categories:
+  - containers
+---
+
+Restricting IPs on Kubernetes Kapsule or Kosmos clusters enhances security by limiting access to only trusted sources, thereby reducing the risk of unauthorized access and potential attacks.
+This control ensures that only specific IP addresses or networks can interact with your clusters, providing an additional layer of protection.
+The default entry `0.0.0.0/0` enables any host to establish a connection.
+
+<Macro id="requirements" />
+
+- Scaleway account logged into the [Scaleway console](https://console.scaleway.com)
+- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing actions in the intended Organization
+- [Created](/containers/kubernetes/how-to/create-cluster) a Kubernetes Kapsule or Kosmos cluster
+
+<Message type="note">
+  Allowed IP configuration is available for public networks only.
+</Message>
+
+## How to add an IP address
+
+1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The Kubernetes Kapsule dashboard appears.
+2. Select the cluster you wish to configure. The **Cluster information** page opens.
+3. Click the **Allowed IPs** tab to view your current list.
+4. Click **Add allowed IP**. Enter the IP address or IP block in CIDR format (e.g. `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block).
+    <Message type="note">
+      To restore default settings and allow connections from all IPs, add `0.0.0.0/0` to the list.
+    </Message>
+
+<Message type="important">
+    For **Kosmos** multi-cloud clusters, allow connections from all Scaleway IP subnets to ensure proper functionality. Access from these IPs cannot be restricted. Refer to our [peering information](https://www.scaleway.com/en/peering/) for details on all Scaleway IP prefixes.
+</Message>
+
+## How to delete an IP Address
+
+1. Locate the IP address in your allowed list.
+2. Click <Icon name="more" /> and choose **Delete**.
+3. Confirm by typing **DELETE** in the pop-up.
+4. Click **Delete allowed IP** to confirm deletion.
diff --git a/menu/navigation.json b/menu/navigation.json
@@ -1348,6 +1348,10 @@
                     "label": "Manage a Kosmos cluster",
                     "slug": "edit-kosmos-cluster"
                   },
+                  {
+                    "label": "Manage allowed IPs",
+                    "slug": "manage-allowed-ips"
+                  },
                   {
                     "label": "Connect to a cluster with kubectl",
                     "slug": "connect-cluster-kubectl"
@@ -4885,4 +4889,4 @@
     ],
     "label": "Additional Services"
   }
-]
+]
