This topic describes how to add the IP address of your host to the whitelist when you access your Alibaba Cloud Elasticsearch cluster over the Internet or a VPC.
- Log on to the Alibaba Cloud Elasticsearch console.
- In the top navigation bar, select the region where your Alibaba Cloud Elasticsearch cluster resides.
- Find the target cluster and click its ID.
- In the left-side navigation pane of the cluster details page, click Security.
- In the Network Settings section of the page that appears, turn on the Public Network Access switch, which is turned off by default.
Note If Public Network Access is enabled or you only need to configure the VPC whitelist, skip this step.
After this feature is enabled, the Public Network Access switch is in green. By default, the switch is in gray, which indicates that Public Network Access is disabled. To access your Elasticsearch cluster over the Internet, you must enable Public Network Access.
- Click Update and enter the IP address that you want to add to the whitelist.
You can enter both IP addresses and CIDR blocks in the public IP address and VPC whitelists. For example, enter
192.168.0.0/24. Separate multiple IP addresses and CIDR blocks with commas (,). You can enter
127.0.0.1to deny requests from all IPv4 addresses or enter
0.0.0.0/0to allow requests from all IPv4 addresses. A whitelist can contain up to 300 IP addresses or CIDR blocks. The following table describes the differences between the two whitelists.
Category Description Public IP address whitelist
- If your Elasticsearch cluster is deployed in the China (Hangzhou) region, you can
add IPv6 addresses to the whitelist. For example, enter
::1to deny requests from all IPv6 addresses or
::/0to allow requests from all IPv6 addresses.
- By default, requests from all public IP addresses are denied.
VPC whitelist By default, requests from all IPv4 addresses within the VPC in which the Elasticsearch cluster resides are allowed.
- If your Elasticsearch cluster is deployed in the China (Hangzhou) region, you can add IPv6 addresses to the whitelist. For example, enter
- Click OK.