| copyright | lastupdated | keywords | subcollection | ||
|---|---|---|---|---|---|
|
2019-01-28 |
specific IP addresses, IP addresses, restrict IP access, IP address access, allow IP access |
iam |
{:shortdesc: .shortdesc} {:codeblock: .codeblock} {:screen: .screen} {:new_window: target="_blank"} {:tip: .tip} {:note: .note} {:important: .important}
{: #ips}
By default, all IP addresses can be used to log in to the {{site.data.keyword.cloud}} console and access classic infrastructure APIs. You can specify which IP addresses have access, and only the specified addresses are allowed can be used and all others are restricted. {:shortdesc}
You cannot access classic infrastructure pages on https://cloud.ibm.com{: new_window} 
if you have restricted IP addresses. You must go to https://control.softlayer.com{: new_window} .
{: important}
If you have the following assigned access, you can update the restricted IP addresses for another user:
- An IAM policy with the Editor or higher role on the User management service.
- You are an ancestor in the classic infrastructure hierarchy for the user and you have the Manage users classic infrastructure permission assigned
You can manage this setting for yourself if you have the User-managed login setting enabled on your User details page. {: tip}
To restrict a user to using only specific IP addresses, complete the following steps:
- From the menu bar, click Manage > Access (IAM), and select Users.
- Select a user from the list.
- From the User details page, go to the IP address restrictions section.
- For Cloud platform, enter the IP addresses. The IP addresses listed are the only ones from which this user can log in to {{site.data.keyword.Bluemix}}.
- For Classic infrastructure, enter the IP addresses. The IP addresses listed are the only ones from which the user can call a classic infrastructure API.
To enter a classic infrastructure IP address, the user must already have a classic infrastructure API key created. {: note}