Configure a whitelist

更新时间:
复制 MD 格式

Restrict instance access to specific IP addresses or CIDR blocks by configuring a whitelist.

Public IP address whitelist

Prerequisites

You have created an instance and enabled public access.

Procedure

  1. Go to the Instances page of Microservices Engine and select the target instance's region from the top menu bar.

  2. On the Instances page, click the ID of the target instance.

  3. On the Basic Information page, click the edit icon Edit icon next to Public Whitelist Settings.

  4. In the Public Whitelist Settings dialog box, enter the allowed IP addresses, and then click OK.

    • Use CIDR notation (X.X.X.X/X). The prefix length must be 16 or greater (for example, 192.168.0.0/16 or 192.168.100.0/24).

    • Separate multiple CIDR blocks with a comma (,).

    • Setting the whitelist to 127.0.0.1/32 denies access from all IP addresses.

    • Maximum: 1,000 entries.

    • An empty whitelist allows access from any IP address, risking data exposure.

      Important

      Without authentication enabled on the Nacos engine, this exposes sensitive data. Enable Nacos client authentication before clearing the whitelist.

Private network whitelist

Prerequisites

Procedure

  1. Go to the Instances page of Microservices Engine and select the target instance's region from the top menu bar.

  2. On the Instances page, click the ID of the target instance.

  3. On the Basic Information page, in the Whitelist settings section, click the Internal Network tab, and then click Edit the internal whitelist.

  4. In the Internal Network Whitelist Settings dialog box, enter the allowed IP addresses, and then click OK.

    • Enter IP addresses in CIDR block format (X.X.X.X/X), where /X is the prefix length.

    • Separate multiple CIDR blocks with a comma (,).

    • Setting the whitelist to 127.0.0.1/32 denies access from all IP addresses.

    • An empty whitelist allows access from any private network address.

    • Maximum: 1,000 entries.